This release includes two bug-fixes:
- Fix possible timing attack on EdDSA session key.
- Fix long standing bug in secure memory implementation which could
lead to a segv on free. [bug#3027]
* gnu/packages/gnupg.scm (libgcrypt): Update to 1.7.7.
(define-public libgcrypt
(package
(name "libgcrypt")
- (version "1.7.6")
+ (version "1.7.7")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnupg/libgcrypt/libgcrypt-"
version ".tar.bz2"))
(sha256
(base32
- "1g05prhgqw4ryd0w433q8nhds0h93kf47hfjagi2r7dghkpaysk2"))))
+ "16ndaj93asw122mwjz172x2ilpm03w1yp5mqcrp3xslk0yx5xf5r"))))
(build-system gnu-build-system)
(propagated-inputs
`(("libgpg-error-host" ,libgpg-error)))