Libgcrypt version 1.6.3 [1] and GnuPG version 1.4.19 [2] fix a side-channel attack on data-dependent timing variations in modular exponentiation, which can potentially lead to an information leak. [1]: https://lists.gnupg.org/pipermail/gnupg-announce/2015q1/000364.html [2]: https://lists.gnupg.org/pipermail/gnupg-announce/2015q1/000363.html
Created gnupg tracking bugs for this issue: Affects: fedora-all [bug 1198154]
Created libgcrypt tracking bugs for this issue: Affects: fedora-all [bug 1198152]
Created mingw-libgcrypt tracking bugs for this issue: Affects: fedora-all [bug 1198153]
Created mingw-libgcrypt tracking bugs for this issue: Affects: epel-all [bug 1198156]
gnupg-1.4.19-1.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report.
libgcrypt-1.6.3-1.fc22 has been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report.
gnupg-1.4.19-1.fc22 has been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report.
gnupg-1.4.19-2.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
libgcrypt-1.6.3-1.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report.
Statement: Red Hat Product Security has rated this issue as having low security impact, a future update may address this flaw in the libgcrypt and gnupg2 packages. The attack leading to this flaw, is difficult to conduct in practice especially for cross-vm environments, mainly because the attacker needs to run their timing attack script at the exact same time decryption runs on the victim machine. Also this is essentially a chosen ciphertext attack because the attacker provides the ciphertext which the victim needs to be decrypt. Such actions only work when there is sufficient social engineer involved.