| Package | libgcrypt20 |
|---|---|
| Version | 1.6.3-2+deb8u9 |
| Related CVEs | CVE-2021-33560 |
An issue has been found in libgcrypt20, a crypto library. Mishandling of ElGamal encryption results in a possible side-channel attack and an interoperability problem with keys not generated by GnuPG/libgcrypt.
For Debian 8 jessie, these problems have been fixed in version 1.6.3-2+deb8u9.
We recommend that you upgrade your libgcrypt20 packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.