Recommended update for libgcrypt

SUSE Recommended Update: Recommended update for libgcrypt

---

Announcement ID:	SUSE-RU-2020:1063-1
Rating:	moderate
References:	#1165539 #1169569
Affected Products:	SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 SUSE Linux Enterprise Module for Basesystem 15-SP1

---

An update that has two recommended fixes can now be installed.

Description:

This update for libgcrypt fixes the following issues:
This update for libgcrypt fixes the following issues:

• FIPS: Switch the PCT to use the new signature operation (bsc#1165539)
• FIPS: Verify that the generated signature and the original input differ in test_keys function for RSA, DSA and ECC (bsc#1165539)
• Add zero-padding when qx and qy have different lengths when assembling the Q point from affine coordinates.
• Ship the FIPS checksum file in the shared library package and create a separate trigger file for the FIPS selftests (bsc#1169569)

Patch Instructions:

To install this SUSE Recommended Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1:
  zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-SP1-2020-1063=1
• SUSE Linux Enterprise Module for Basesystem 15-SP1:
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP1-2020-1063=1

Package List:

• SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (aarch64 ppc64le s390x x86_64):
  • libgcrypt-cavs-1.8.2-8.30.1
  • libgcrypt-cavs-debuginfo-1.8.2-8.30.1
  • libgcrypt-debugsource-1.8.2-8.30.1
• SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (x86_64):
  • libgcrypt-devel-32bit-1.8.2-8.30.1
  • libgcrypt-devel-32bit-debuginfo-1.8.2-8.30.1
• SUSE Linux Enterprise Module for Basesystem 15-SP1 (aarch64 ppc64le s390x x86_64):
  • libgcrypt-debugsource-1.8.2-8.30.1
  • libgcrypt-devel-1.8.2-8.30.1
  • libgcrypt-devel-debuginfo-1.8.2-8.30.1
  • libgcrypt20-1.8.2-8.30.1
  • libgcrypt20-debuginfo-1.8.2-8.30.1
  • libgcrypt20-hmac-1.8.2-8.30.1
• SUSE Linux Enterprise Module for Basesystem 15-SP1 (x86_64):
  • libgcrypt20-32bit-1.8.2-8.30.1
  • libgcrypt20-32bit-debuginfo-1.8.2-8.30.1
  • libgcrypt20-hmac-32bit-1.8.2-8.30.1

References:

• https://bugzilla.suse.com/1165539
• https://bugzilla.suse.com/1169569