Reality surpasses fiction:
DSA 2013-2821
Package : gnupg
Vulnerability : side channel attack
Problem type : remote
Debian-specific: no
CVE ID : CVE-2013-4576
Genkin, Shamir and Tromer discovered that RSA key material could be extracted by using the sound generated by the computer during the decryption of some chosen ciphertexts.
O_o #cannotbelieve
And a fix is providen. #Freesoftware people are awesome.
Douglas Perkins, Hilton Garcia Fernandes, McScx, RuiSeabra and 8 others likes this.
Hilton Garcia Fernandes, McScx, Panko shared this.
And... in today's upgrade... Here it is!
gnupg (1.4.15-2) unstable; urgency=high
* Fixed the RSA Key Extraction via Low-Bandwidth Acoustic
Cryptanalysis attack as described by Genkin, Shamir, and Tromer.
See . [CVE-2013-4576]
* Add two Gemalto card readers to udev rules (closes: #730872),