Libgcrypt is vulnerable to the Marvin attack.
*** Bug 2268268 has been marked as a duplicate of this bug. ***
Created libgcrypt tracking bugs for this issue: Affects: fedora-all [bug 2274128] Created mingw-libgcrypt tracking bugs for this issue: Affects: fedora-all [bug 2274129]
Hi, adding a summary of this CVE and links that need to be updated to the CVE listing: * The upstream issue tracking this vulnerability: https://dev.gnupg.org/T7136 * The patches fixing this are available in our gitlab mirror: https://gitlab.com/redhat-crypto/libgcrypt/libgcrypt-mirror/-/merge_requests/19