Control: tags -1 + moreinfo On Sun, 2016-08-14 at 16:00 +0200, Salvatore Bonaccorso wrote: > I would like to propose the following hardening to src:gnupg2 which was > found during the analysis of a vulnerability report to the security team > and related to > https://www.usenix.org/system/files/conference/usenixsecurity16/sec16_paper_razavi.pdf > and developed by NIIBE Yutaka. The underlying problem in hardware cannot > be solved in software (and thus we don't want to issue a DSA for it, and > give possibly this false impression), and as pointed out by Florian > there are some other open questions regarding the paper and the attacks > described there.
I'd like to treat this and the corresponding gnupg update as a unit (taking both or neither) so holding for now. Regards, Adam
