Ubuntu
nettle package

Change logs for nettle source package in Trusty

Trusty (14.04)
Change log

nettle (2.7.1-1ubuntu0.2) trusty-security; urgency=medium

  * SECURITY UPDATE: RSA cache timing side-channel attack
    - debian/patches/CVE-2016-6489.patch: use mpz_powm_sec and check for
      invalid keys in dsa-sign.c, rsa-blind.c, rsa-pkcs1-sign-tr.c,
      rsa-pkcs1-sign.c, rsa-sign.c, rsa.c, testsuite/rsa-test.c,
      rsa-decrypt-tr.c, rsa-decrypt.c.
    - CVE-2016-6489

 -- Marc Deslauriers <email address hidden>  Fri, 03 Feb 2017 08:40:39 -0500

nettle (2.7.1-1ubuntu0.1) trusty-security; urgency=medium

  * SECURITY UPDATE: miscomputation bugs in secp-256r1 modulo functions
    - debian/patches/CVE-2015-8803_8805.patch: fix carry propagation bugs
      in ecc-256.c.
    - CVE-2015-8803
    - CVE-2015-8805
  * SECURITY UPDATE: carry folding bug in x86_64 ecc_384_modp
    - debian/patches/CVE-2015-8804.patch: fix carry propagation bug in
      x86_64/ecc-384-modp.asm.
    - CVE-2015-8804

 -- Marc Deslauriers <email address hidden>  Wed, 10 Feb 2016 13:34:57 -0500

nettle (2.7.1-1) unstable; urgency=low


  * New upstream bugfix release.

 -- Magnus Holmgren <email address hidden>  Wed, 29 May 2013 19:25:35 +0200

Ubuntunettle package

Change logs for nettle source package in Trusty

Ubuntu
nettle package