Nixpkgs security tracker

Login with GitHub

⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestion detail

Untriaged

Permalink CVE-2015-0837

created 1 month, 3 weeks ago

The mpi_powm function in Libgcrypt before 1.6.3 and GnuPG before …

The mpi_powm function in Libgcrypt before 1.6.3 and GnuPG before 1.4.19 allows attackers to obtain sensitive information by leveraging timing differences when accessing a pre-computed table during modular exponentiation, related to a "Last-Level Cache Side-Channel Attack."

References

http://www.debian.org/security/2015/dsa-3184 x_refsource_MISC
http://www.debian.org/security/2015/dsa-3185 x_refsource_MISC
https://lists.gnupg.org/pipermail/gnupg-announce/2015q1/000363.html x_refsource_CONFIRM
https://lists.gnupg.org/pipermail/gnupg-announce/2015q1/000364.html x_refsource_CONFIRM
https://ieeexplore.ieee.org/document/7163050 x_refsource_MISC
http://www.debian.org/security/2015/dsa-3184 x_transferredx_refsource_MISC
http://www.debian.org/security/2015/dsa-3185 x_transferredx_refsource_MISC
https://lists.gnupg.org/pipermail/gnupg-announce/2015q1/000363.html x_refsource_CONFIRMx_transferred
https://lists.gnupg.org/pipermail/gnupg-announce/2015q1/000364.html x_refsource_CONFIRMx_transferred
https://ieeexplore.ieee.org/document/7163050 x_transferredx_refsource_MISC
http://www.debian.org/security/2015/dsa-3184 x_refsource_MISC
http://www.debian.org/security/2015/dsa-3185 x_refsource_MISC
https://lists.gnupg.org/pipermail/gnupg-announce/2015q1/000363.html x_refsource_CONFIRM
https://lists.gnupg.org/pipermail/gnupg-announce/2015q1/000364.html x_refsource_CONFIRM
https://ieeexplore.ieee.org/document/7163050 x_refsource_MISC
http://www.debian.org/security/2015/dsa-3184 x_transferredx_refsource_MISC
http://www.debian.org/security/2015/dsa-3185 x_transferredx_refsource_MISC
https://lists.gnupg.org/pipermail/gnupg-announce/2015q1/000363.html x_refsource_CONFIRMx_transferred
https://lists.gnupg.org/pipermail/gnupg-announce/2015q1/000364.html x_refsource_CONFIRMx_transferred
https://ieeexplore.ieee.org/document/7163050 x_transferredx_refsource_MISC
http://www.debian.org/security/2015/dsa-3184 x_refsource_MISC
http://www.debian.org/security/2015/dsa-3185 x_refsource_MISC
https://lists.gnupg.org/pipermail/gnupg-announce/2015q1/000363.html x_refsource_CONFIRM
https://lists.gnupg.org/pipermail/gnupg-announce/2015q1/000364.html x_refsource_CONFIRM
https://ieeexplore.ieee.org/document/7163050 x_refsource_MISC
http://www.debian.org/security/2015/dsa-3184 x_transferredx_refsource_MISC
http://www.debian.org/security/2015/dsa-3185 x_transferredx_refsource_MISC
https://lists.gnupg.org/pipermail/gnupg-announce/2015q1/000363.html x_refsource_CONFIRMx_transferred
https://lists.gnupg.org/pipermail/gnupg-announce/2015q1/000364.html x_refsource_CONFIRMx_transferred
https://ieeexplore.ieee.org/document/7163050 x_transferredx_refsource_MISC

Affected products

GnuPG

==before 1.4.19

Libgcrypt

==before 1.6.3

Matching in nixpkgs

pkgs.gnupg

Modern release of the GNU Privacy Guard, a GPL OpenPGP implementation

nixos-unstable 2.4.8
- nixpkgs-unstable 2.4.8
- nixos-unstable-small 2.4.8
nixos-25.11 2.4.8
- nixos-25.11-small 2.4.8
- nixpkgs-25.11-darwin 2.4.8

pkgs.gnupg1

Modern release of the GNU Privacy Guard, a GPL OpenPGP implementation with symbolic links for gpg and gpgv

nixos-unstable 2.4.8
- nixpkgs-unstable 2.4.8
- nixos-unstable-small 2.4.8
nixos-25.11 2.4.8
- nixos-25.11-small 2.4.8
- nixpkgs-25.11-darwin 2.4.8

pkgs.gnupg24

Modern release of the GNU Privacy Guard, a GPL OpenPGP implementation

nixos-unstable 2.4.8
- nixpkgs-unstable 2.4.8
- nixos-unstable-small 2.4.8
nixos-25.11 2.4.8
- nixos-25.11-small 2.4.8
- nixpkgs-25.11-darwin 2.4.8

pkgs.libgcrypt

General-purpose cryptographic library

nixos-unstable 1.11.2
- nixpkgs-unstable 1.11.2
- nixos-unstable-small 1.11.2
nixos-25.11 1.11.2
- nixos-25.11-small 1.11.2
- nixpkgs-25.11-darwin 1.11.2

pkgs.pam_gnupg

Unlock GnuPG keys on login

nixos-unstable 0.4
- nixpkgs-unstable 0.4
- nixos-unstable-small 0.4
nixos-25.11 0.4
- nixos-25.11-small 0.4
- nixpkgs-25.11-darwin 0.4

pkgs.gnupg1compat

Modern release of the GNU Privacy Guard, a GPL OpenPGP implementation with symbolic links for gpg and gpgv

nixos-unstable 2.4.8
- nixpkgs-unstable 2.4.8
- nixos-unstable-small 2.4.8
nixos-25.11 2.4.8
- nixos-25.11-small 2.4.8
- nixpkgs-25.11-darwin 2.4.8

pkgs.gnupg-pkcs11-scd

Smart-card daemon to enable the use of PKCS#11 tokens with GnuPG

nixos-unstable pkcs11-scd-0.11.0
- nixpkgs-unstable pkcs11-scd-0.11.0
- nixos-unstable-small pkcs11-scd-0.11.0
nixos-25.11 pkcs11-scd-0.11.0
- nixos-25.11-small pkcs11-scd-0.11.0
- nixpkgs-25.11-darwin pkcs11-scd-0.11.0

pkgs.phpExtensions.gnupg

PHP wrapper for GpgME library that provides access to GnuPG

nixos-unstable 1.5.4
- nixpkgs-unstable 1.5.4
- nixos-unstable-small 1.5.4
nixos-25.11 1.5.4
- nixos-25.11-small 1.5.4
- nixpkgs-25.11-darwin 1.5.4

pkgs.php81Extensions.gnupg

PHP wrapper for GpgME library that provides access to GnuPG

pkgs.php82Extensions.gnupg

PHP wrapper for GpgME library that provides access to GnuPG

nixos-unstable 1.5.4
- nixpkgs-unstable 1.5.4
- nixos-unstable-small 1.5.4
nixos-25.11 1.5.4
- nixos-25.11-small 1.5.4
- nixpkgs-25.11-darwin 1.5.4

pkgs.php83Extensions.gnupg

PHP wrapper for GpgME library that provides access to GnuPG

nixos-unstable 1.5.4
- nixpkgs-unstable 1.5.4
- nixos-unstable-small 1.5.4
nixos-25.11 1.5.4
- nixos-25.11-small 1.5.4
- nixpkgs-25.11-darwin 1.5.4

pkgs.php84Extensions.gnupg

PHP wrapper for GpgME library that provides access to GnuPG

nixos-unstable 1.5.4
- nixpkgs-unstable 1.5.4
- nixos-unstable-small 1.5.4
nixos-25.11 1.5.4
- nixos-25.11-small 1.5.4
- nixpkgs-25.11-darwin 1.5.4

pkgs.php85Extensions.gnupg

PHP wrapper for GpgME library that provides access to GnuPG

nixos-unstable 1.5.4
- nixpkgs-unstable 1.5.4
- nixos-unstable-small 1.5.4
nixos-25.11 1.5.4
- nixos-25.11-small 1.5.4
- nixpkgs-25.11-darwin 1.5.4

pkgs.sequoia-chameleon-gnupg

Sequoia's reimplementation of the GnuPG interface

nixos-unstable 0.13.1
- nixpkgs-unstable 0.13.1
- nixos-unstable-small 0.13.1
nixos-25.11 0.13.1
- nixos-25.11-small 0.13.1
- nixpkgs-25.11-darwin 0.13.1

pkgs.perlPackages.GnuPGInterface

Supply object methods for interacting with GnuPG

nixos-unstable 1.03
- nixpkgs-unstable 1.03
- nixos-unstable-small 1.03
nixos-25.11 1.03
- nixos-25.11-small 1.03
- nixpkgs-25.11-darwin 1.03

pkgs.perl5Packages.GnuPGInterface

Supply object methods for interacting with GnuPG

nixos-unstable 1.03
- nixpkgs-unstable 1.03
- nixos-unstable-small 1.03

pkgs.perl538Packages.GnuPGInterface

Supply object methods for interacting with GnuPG

nixos-25.11 1.03
- nixos-25.11-small 1.03
- nixpkgs-25.11-darwin 1.03

pkgs.perl540Packages.GnuPGInterface

Supply object methods for interacting with GnuPG

nixos-25.11 1.03
- nixos-25.11-small 1.03
- nixpkgs-25.11-darwin 1.03

pkgs.python312Packages.python-gnupg

API for the GNU Privacy Guard (GnuPG)

nixos-25.11 0.5.5
- nixos-25.11-small 0.5.5
- nixpkgs-25.11-darwin 0.5.5

pkgs.python313Packages.python-gnupg

API for the GNU Privacy Guard (GnuPG)

nixos-unstable 0.5.5
- nixpkgs-unstable 0.5.5
- nixos-unstable-small 0.5.5
nixos-25.11 0.5.5
- nixos-25.11-small 0.5.5
- nixpkgs-25.11-darwin 0.5.5

pkgs.python314Packages.python-gnupg

API for the GNU Privacy Guard (GnuPG)

nixos-unstable 0.5.5
- nixpkgs-unstable 0.5.5
- nixos-unstable-small 0.5.5

Package maintainers

@stigtsp Stig Palmquist <stig@stig.io>
@fpletz Franz Pletz <fpletz@fnordicwalking.de>
@matthiasbeyer Matthias Beyer <mail@beyermatthias.de>
@philandstuff Philip Potter <philip.g.potter@gmail.com>
@mtreca Maxime Tréca <maxime.treca@gmail.com>
@Ma27 Maximilian Bosch <maximilian@mbosch.me>
@taikx4 taikx4 <taikx4@taikx4szlaj2rsdupcwabg35inbny4jk322ngeb7qwbbhd5i55nf5yyd.onion>
@aanderse Aaron Andersen <aaron@fosslib.net>
@talyz Kim Lindberger <kim.lindberger@gmail.com>
@piotrkwiecinski Piotr Kwiecinski <piokwiecinski+nixpkgs@gmail.com>
@drupol Pol Dellaiera <pol.dellaiera@protonmail.com>
@NickCao Nick Cao <nickcao@nichi.co>