Security update for libgcrypt
libgcrypt was updated to include countermeasures against Lenstra's fault attack on RSA Chinese Remainder Theorem optimization in RSA.
A signature verification step was updated to protect against leaks of private keys in case of hardware faults or implementation errors in numeric libraries.
GnuPG already performed this check by itself and was not affected. This fix is equivalent, but not equal to CVE-2015-5738
- Submitted by Vítězslav Čížek (vitezslav_cizek)
Fixed bugs
bnc#944835
VUL-0: RSA-CRT key leaks overall tracker bug