[Date Prev][Date Next] [Chronological] [Thread] [Top]

libgcrypt's RSA-1024 and RSA-2048 broken

To: OpenLDAP Technical <openldap-technical@OpenLDAP.org>
Subject: libgcrypt's RSA-1024 and RSA-2048 broken
From: Howard Chu <hyc@symas.com>
Date: Wed, 5 Jul 2017 18:42:12 +0100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:56.0) Gecko/20100101 Firefox/56.0 SeaMonkey/2.53a1

http://thehackernews.com/2017/07/gnupg-libgcrypt-rsa-encryption.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheHackersNews+%28The+Hackers+News+-+Security+Blog%29&_m=3n.009a.1529.bu0ao09z2f.wya

I believe most deployments of GnuTLS now use nettle instead of libgcrypt. Butif you're on an older Debian or Ubuntu, using their packaged OpenLDAP builtwith GnuTLS, you should check what version of GnuTLS and libgcrypt you're using.

And you should seriously consider not using their package; rebuild from sourcewith OpenSSL or get a package from LTB or Symas.


--
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/

Follow-Ups:
- Re: libgcrypt's RSA-1024 and RSA-2048 broken
  - From: Ryan Tandy <ryan@nardis.ca>

Prev by Date: RE: client-pr option for meta backend
Next by Date: RE: client-pr option for meta backend
Index(es):
- Chronological
- Thread