USN-4236-1 fixed a vulnerability in Libgcrypt. This update provides the corresponding fix for Ubuntu 16.04 LTS.
Original advisory details:
It was discovered that Libgcrypt was susceptible to a ECDSA timing attack. An attacker could possibly use this attack to recover sensitive information.
{ "availability": "No subscription required", "binaries": [ { "libgcrypt20-udeb-dbgsym": "1.6.5-2ubuntu0.6", "libgcrypt20-doc": "1.6.5-2ubuntu0.6", "libgcrypt20": "1.6.5-2ubuntu0.6", "libgcrypt20-dev": "1.6.5-2ubuntu0.6", "libgcrypt11-dev": "1.5.4-3+really1.6.5-2ubuntu0.6", "libgcrypt20-dev-dbgsym": "1.6.5-2ubuntu0.6", "libgcrypt20-dbgsym": "1.6.5-2ubuntu0.6", "libgcrypt20-udeb": "1.6.5-2ubuntu0.6" } ] }