Ubuntu Security Notification for Libgcrypt11, Libgcrypt20 Vulnerability (USN-3065-1)——漏洞银行丨0DAY BANK

It was discovered that Libgcrypt incorrectly handled mixing functions in the random number generator.

An attacker able to obtain 4640 bits from the RNG can trivially predict the next 160 bits of output.

Refer to Ubuntu advisory USN-3065-1 for affected packages and patching details, or update with your package manager.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

USN-3065-1: 12.04 (Precise) on src (libgcrypt11)

USN-3065-1: 16.04 (Xenial) on src (libgcrypt20)

USN-3065-1: 14.04 (Kylin) on src (libgcrypt11)