Version in base suite: 1.10.1-3 Base version: libgcrypt20_1.10.1-3 Target version: libgcrypt20_1.10.1-3+deb12u1 Base file: /srv/ftp-master.debian.org/ftp/pool/main/libg/libgcrypt20/libgcrypt20_1.10.1-3.dsc Target file: /srv/ftp-master.debian.org/policy/pool/main/libg/libgcrypt20/libgcrypt20_1.10.1-3+deb12u1.dsc changelog | 7 + patches/cipher-ecc-Fix-decoding-a-point-on-Montgomery-curve.patch | 41 ++++++++++ patches/series | 1 3 files changed, 49 insertions(+) dpkg-source: warning: cannot verify inline signature for /srv/release.debian.org/tmp/tmp2valmhjl/libgcrypt20_1.10.1-3.dsc: no acceptable signature found dpkg-source: warning: cannot verify inline signature for /srv/release.debian.org/tmp/tmp2valmhjl/libgcrypt20_1.10.1-3+deb12u1.dsc: no acceptable signature found diff -Nru libgcrypt20-1.10.1/debian/changelog libgcrypt20-1.10.1/debian/changelog --- libgcrypt20-1.10.1/debian/changelog 2022-11-19 16:59:10.000000000 +0000 +++ libgcrypt20-1.10.1/debian/changelog 2026-05-19 19:55:38.000000000 +0000 @@ -1,3 +1,10 @@ +libgcrypt20 (1.10.1-3+deb12u1) bookworm-security; urgency=high + + * Non-maintainer upload by the Security Team. + * cipher:ecc: Fix decoding a point on Montgomery curve. (CVE-2026-41989) + + -- Salvatore Bonaccorso Tue, 19 May 2026 21:55:38 +0200 + libgcrypt20 (1.10.1-3) unstable; urgency=medium * 32-build-Prefer-gpgrt-config-when-available.patch from diff -Nru libgcrypt20-1.10.1/debian/patches/cipher-ecc-Fix-decoding-a-point-on-Montgomery-curve.patch libgcrypt20-1.10.1/debian/patches/cipher-ecc-Fix-decoding-a-point-on-Montgomery-curve.patch --- libgcrypt20-1.10.1/debian/patches/cipher-ecc-Fix-decoding-a-point-on-Montgomery-curve.patch 1970-01-01 00:00:00.000000000 +0000 +++ libgcrypt20-1.10.1/debian/patches/cipher-ecc-Fix-decoding-a-point-on-Montgomery-curve.patch 2026-05-19 19:55:00.000000000 +0000 @@ -0,0 +1,41 @@ +From: NIIBE Yutaka +Date: Fri, 10 Apr 2026 16:58:57 +0900 +Subject: cipher:ecc: Fix decoding a point on Montgomery curve. +Origin: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=2d3d732c9bf87cc10729f69678dd9e6862f99fa3 +Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2026-41989 + +* cipher/ecc-misc.c (_gcry_ecc_mont_decodepoint): Fix the padding +mistake and add updating RAWMPILEN. + +-- + +Reported by Calif.io in collaboration with Claude and Anthropic +Research. + +GnuPG-bug-id: 8211 +Fixes-commit: bbe15758c893dbf546416c1a6bccdad1ab000ad7 +Suggested-by: Bronson Yen +Signed-off-by: NIIBE Yutaka +--- + cipher/ecc-misc.c | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/cipher/ecc-misc.c b/cipher/ecc-misc.c +index 615b0df2dcd5..ab3799dcb06d 100644 +--- a/cipher/ecc-misc.c ++++ b/cipher/ecc-misc.c +@@ -438,7 +438,10 @@ _gcry_ecc_mont_decodepoint (gcry_mpi_t pk, mpi_ec_t ec, mpi_point_t result) + *--p = *buf++; + + if (rawmpilen < nbytes) +- memset (rawmpi + nbytes - rawmpilen, 0, nbytes - rawmpilen); ++ { ++ memset (rawmpi + rawmpilen, 0, nbytes - rawmpilen); ++ rawmpilen = nbytes; ++ } + } + else + { +-- +2.53.0 + diff -Nru libgcrypt20-1.10.1/debian/patches/series libgcrypt20-1.10.1/debian/patches/series --- libgcrypt20-1.10.1/debian/patches/series 2022-11-19 16:53:55.000000000 +0000 +++ libgcrypt20-1.10.1/debian/patches/series 2026-05-19 19:55:19.000000000 +0000 @@ -6,3 +6,4 @@ 32-build-Prefer-gpgrt-config-when-available.patch 35-keccak-Use-size_t-to-avoid-integer-overflow.patch 37-doc-Update-document-for-pkg-config-and-libgcrypt.m4.patch +cipher-ecc-Fix-decoding-a-point-on-Montgomery-curve.patch