Gentoo Linux Security Advisory 201612-1 - Due to a design flaw, the output of GnuPG's Random Number Generator (RNG) is predictable. Versions less than 1.4.21 are affected.
37fe9de631962cfd3e2975a9e2c328624e54229c467b32de7b2928980e4dd247
Red Hat Security Advisory 2016-2674-01 - The libgcrypt library provides general-purpose implementations of various cryptographic algorithms. Security Fix: A design flaw was found in the libgcrypt PRNG. An attacker able to obtain the first 580 bytes of the PRNG output could predict the following 20 bytes.
caf6d9e673258d4b82393cbb762f5437eca9d415345b9281588f106dbc75a521
Gentoo Linux Security Advisory 201610-4 - Multiple vulnerabilities have been fixed in libgcrypt,the worst of which results in predictable output from the random number generator. Versions less than 1.7.3 are affected.
5619b69bf4075be672b52dd153d8f9e314becc2be95833013f21e6768d5f5bc7
Slackware Security Advisory - New gnupg packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue.
81c47dd800315bdd57989d4822cd2882054bbb17120a80fbc0602fb991db554e
Ubuntu Security Notice 3064-1 - Felix Doerre and Vladimir Klebanov discovered that GnuPG incorrectly handled mixing functions in the random number generator. An attacker able to obtain 4640 bits from the RNG can trivially predict the next 160 bits of output.
32f0380e387cc522e4861cb3c5789969e6795c00bc238ae1cf1d227ac0f155b5
Ubuntu Security Notice 3065-1 - Felix Doerre and Vladimir Klebanov discovered that Libgcrypt incorrectly handled mixing functions in the random number generator. An attacker able to obtain 4640 bits from the RNG can trivially predict the next 160 bits of output.
c98949d4841a7c0c1b1da172bfff40d4fc7c110ecdd4cc157730bdce69120e13
Debian Linux Security Advisory 3650-1 - Felix Doerre and Vladimir Klebanov from the Karlsruhe Institute of Technology discovered a flaw in the mixing functions of Libgcrypt's random number generator. An attacker who obtains 4640 bits from the RNG can trivially predict the next 160 bits of output.
efa2674601472cec1e98270928a4f9e5f05edc5bf53fa17755195d156213cafe
Debian Linux Security Advisory 3649-1 - Felix Doerre and Vladimir Klebanov from the Karlsruhe Institute of Technology discovered a flaw in the mixing functions of GnuPG's random number generator. An attacker who obtains 4640 bits from the RNG can trivially predict the next 160 bits of output.
ace6c155c376eb89be0ddc0b2ea842d1d45347d5464a43149266d99a003d042a