UbuntuUpdates.org

Package "nettle"

Name: nettle

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • low level cryptographic library (public-key cryptos)
  • low level cryptographic library (symmetric and one-way cryptos)
  • low level cryptographic library (debugging symbols)
  • low level cryptographic library (development files)
Latest version: 2.4-1ubuntu0.1
Release: precise (12.04)
Level: security
Repository: main

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Other versions of "nettle" in Precise

Repository Area Version
base main 2.4-1
base universe 2.4-1
security universe 2.4-1ubuntu0.1
updates universe 2.4-1ubuntu0.1
updates main 2.4-1ubuntu0.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 2.4-1ubuntu0.1 2017-02-06 20:06:45 UTC

  nettle (2.4-1ubuntu0.1) precise-security; urgency=medium

  * SECURITY UPDATE: RSA cache timing side-channel attack
    - debian/patches/CVE-2016-6489.patch: use mpz_powm_sec and check for
      invalid keys in dsa-sign.c, rsa-decrypt.c, rsa-md5-sign.c,
      rsa-sha1-sign.c, rsa-sha256-sign.c, rsa-sha512-sign.c, rsa-sign.c,
      rsa.c, testsuite/rsa-test.c.
    - CVE-2016-6489

 -- Marc Deslauriers <email address hidden> Fri, 03 Feb 2017 08:55:02 -0500
CVE-2016-6489 RSA code is vulnerable to cache sharing related attacks


About   -   Send Feedback to @ubuntu_updates