Version in base suite: 1.11.0-7 Base version: libgcrypt20_1.11.0-7 Target version: libgcrypt20_1.11.0-7+deb13u1 Base file: /srv/ftp-master.debian.org/ftp/pool/main/libg/libgcrypt20/libgcrypt20_1.11.0-7.dsc Target file: /srv/ftp-master.debian.org/policy/pool/main/libg/libgcrypt20/libgcrypt20_1.11.0-7+deb13u1.dsc changelog | 7 + patches/cipher-ecc-Fix-decoding-a-point-on-Montgomery-curve.patch | 41 ++++++++++ patches/series | 1 3 files changed, 49 insertions(+) dpkg-source: warning: cannot verify inline signature for /srv/release.debian.org/tmp/tmpu0q2i2k5/libgcrypt20_1.11.0-7.dsc: no acceptable signature found dpkg-source: warning: cannot verify inline signature for /srv/release.debian.org/tmp/tmpu0q2i2k5/libgcrypt20_1.11.0-7+deb13u1.dsc: no acceptable signature found diff -Nru libgcrypt20-1.11.0/debian/changelog libgcrypt20-1.11.0/debian/changelog --- libgcrypt20-1.11.0/debian/changelog 2024-12-24 12:35:47.000000000 +0000 +++ libgcrypt20-1.11.0/debian/changelog 2026-05-19 19:41:39.000000000 +0000 @@ -1,3 +1,10 @@ +libgcrypt20 (1.11.0-7+deb13u1) trixie-security; urgency=high + + * Non-maintainer upload by the Security Team. + * cipher:ecc: Fix decoding a point on Montgomery curve. (CVE-2026-41989) + + -- Salvatore Bonaccorso Tue, 19 May 2026 21:41:39 +0200 + libgcrypt20 (1.11.0-7) unstable; urgency=medium [ Simon McVittie ] diff -Nru libgcrypt20-1.11.0/debian/patches/cipher-ecc-Fix-decoding-a-point-on-Montgomery-curve.patch libgcrypt20-1.11.0/debian/patches/cipher-ecc-Fix-decoding-a-point-on-Montgomery-curve.patch --- libgcrypt20-1.11.0/debian/patches/cipher-ecc-Fix-decoding-a-point-on-Montgomery-curve.patch 1970-01-01 00:00:00.000000000 +0000 +++ libgcrypt20-1.11.0/debian/patches/cipher-ecc-Fix-decoding-a-point-on-Montgomery-curve.patch 2026-05-19 19:38:56.000000000 +0000 @@ -0,0 +1,41 @@ +From: NIIBE Yutaka +Date: Fri, 10 Apr 2026 16:58:57 +0900 +Subject: cipher:ecc: Fix decoding a point on Montgomery curve. +Origin: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=2d3d732c9bf87cc10729f69678dd9e6862f99fa3 +Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2026-41989 + +* cipher/ecc-misc.c (_gcry_ecc_mont_decodepoint): Fix the padding +mistake and add updating RAWMPILEN. + +-- + +Reported by Calif.io in collaboration with Claude and Anthropic +Research. + +GnuPG-bug-id: 8211 +Fixes-commit: bbe15758c893dbf546416c1a6bccdad1ab000ad7 +Suggested-by: Bronson Yen +Signed-off-by: NIIBE Yutaka +--- + cipher/ecc-misc.c | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/cipher/ecc-misc.c b/cipher/ecc-misc.c +index 615b0df2dcd5..ab3799dcb06d 100644 +--- a/cipher/ecc-misc.c ++++ b/cipher/ecc-misc.c +@@ -438,7 +438,10 @@ _gcry_ecc_mont_decodepoint (gcry_mpi_t pk, mpi_ec_t ec, mpi_point_t result) + *--p = *buf++; + + if (rawmpilen < nbytes) +- memset (rawmpi + nbytes - rawmpilen, 0, nbytes - rawmpilen); ++ { ++ memset (rawmpi + rawmpilen, 0, nbytes - rawmpilen); ++ rawmpilen = nbytes; ++ } + } + else + { +-- +2.53.0 + diff -Nru libgcrypt20-1.11.0/debian/patches/series libgcrypt20-1.11.0/debian/patches/series --- libgcrypt20-1.11.0/debian/patches/series 2024-12-24 12:34:08.000000000 +0000 +++ libgcrypt20-1.11.0/debian/patches/series 2026-05-19 19:40:11.000000000 +0000 @@ -3,3 +3,4 @@ 25_norevisionfromgit.diff 30_mpi-ec-inline-reduce-register-pressure-on-32-bit-ARM.patch lp2083245-disable-sha3-s390x-acceleration-for-cshake.patch +cipher-ecc-Fix-decoding-a-point-on-Montgomery-curve.patch