Format: 1.8 Date: Wed, 07 Apr 2021 10:17:03 -0400 Source: nettle Binary: libnettle6 libhogweed4 nettle-dev nettle-bin Architecture: s390x Version: 3.4-1ubuntu0.1 Distribution: bionic Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: libhogweed4 - low level cryptographic library (public-key cryptos) libnettle6 - low level cryptographic library (symmetric and one-way cryptos) nettle-bin - low level cryptographic library (binary tools) nettle-dev - low level cryptographic library (development files) Changes: nettle (3.4-1ubuntu0.1) bionic-security; urgency=medium . * SECURITY UPDATE: Out of Bound memory access in signature verification - debian/patches/CVE-2021-20305-1.patch: new functions ecc_mod_mul_canonical and ecc_mod_sqr_canonical in curve25519-eh-to-x.c, curve448-eh-to-x.c, ecc-eh-to-a.c, ecc-internal.h, ecc-j-to-a.c, ecc-mod-arith.c, ecc-mul-m.c. - debian/patches/CVE-2021-20305-2.patch: use ecc_mod_mul_canonical for point comparison in eddsa-verify.c. - debian/patches/CVE-2021-20305-3.patch: fix bug in ecc_ecdsa_verify in ecc-ecdsa-verify.c, testsuite/ecdsa-sign-test.c. - debian/patches/CVE-2021-20305-4.patch: ensure ecdsa_sign output is canonically reduced in ecc-ecdsa-sign.c. - debian/patches/CVE-2021-20305-6.patch: similar fix for eddsa in eddsa-hash.c. - debian/libhogweed4.symbols: added new symbols. - CVE-2021-20305 Checksums-Sha1: 2ffa89cbe52c942cf50b6b3ef2ef6975c0c675aa 174432 libhogweed4-dbgsym_3.4-1ubuntu0.1_s390x.ddeb 0165faa91f57280e8496c188f951f373acd6546c 135768 libhogweed4_3.4-1ubuntu0.1_s390x.deb 2270c3cb44a2b03a2c582287af17079b13d9ffe4 214884 libnettle6-dbgsym_3.4-1ubuntu0.1_s390x.ddeb f9642416af780a06d5f03fa262666d2cc878c9f1 120372 libnettle6_3.4-1ubuntu0.1_s390x.deb 57c39f70408699a57f37062ea94b7c4e9bc959ee 176680 nettle-bin-dbgsym_3.4-1ubuntu0.1_s390x.ddeb c06858f4e872cbf07f8ebbccc093060e2bdb78bc 24572 nettle-bin_3.4-1ubuntu0.1_s390x.deb 2040e74cd0b096cba410ca5230f596cbca9bd35b 961152 nettle-dev_3.4-1ubuntu0.1_s390x.deb b42cbcadcb3cda11f7cb58ec598dd1811f43afdc 7063 nettle_3.4-1ubuntu0.1_s390x.buildinfo Checksums-Sha256: b6aad8febe03e1e0831a0674d54378e2a4a4d317daf2aa8547676f3a7519b9cb 174432 libhogweed4-dbgsym_3.4-1ubuntu0.1_s390x.ddeb 90fecfb7f5b6d069ac9f4a43b6f90755d134625150d76b3e477bc31a68a1f462 135768 libhogweed4_3.4-1ubuntu0.1_s390x.deb a8c1c438e5578c8366a6c0f7bcd79e5c984d50804c9860fb0a5eb3f9baf57bef 214884 libnettle6-dbgsym_3.4-1ubuntu0.1_s390x.ddeb 7a9e6d66f6741828c232938e0c104e5f93601bd2cd2dc46b4f7b8b67481c0b37 120372 libnettle6_3.4-1ubuntu0.1_s390x.deb e1f68b1924378030d1d12cc3376620a32d8cda5f43702dc86b0c58c8070aad6f 176680 nettle-bin-dbgsym_3.4-1ubuntu0.1_s390x.ddeb 5ebaa3586a6469b43c9ceb88977104b99f3c2f7cf0053b2fcc03d855715dd907 24572 nettle-bin_3.4-1ubuntu0.1_s390x.deb 1d64e9fc598a7cdb63a0f712188834b3b6e9e2b43a7e67990e00160b59e8fb78 961152 nettle-dev_3.4-1ubuntu0.1_s390x.deb 8fbbb0170545c58acfdaed69e4e37a2bc42abc539b46d90961f7270e611846f3 7063 nettle_3.4-1ubuntu0.1_s390x.buildinfo Files: 8ae9aa7a02f753f5cbd0ac6a402c3f91 174432 debug optional libhogweed4-dbgsym_3.4-1ubuntu0.1_s390x.ddeb 61067a405b4facd3a90c95df05d5b0a9 135768 libs optional libhogweed4_3.4-1ubuntu0.1_s390x.deb 16bc2fd8a63dfbea1562ff636a024fdf 214884 debug optional libnettle6-dbgsym_3.4-1ubuntu0.1_s390x.ddeb 423812c72e6667baea096c451b4ab1d4 120372 libs optional libnettle6_3.4-1ubuntu0.1_s390x.deb ee2797b97efc3f0fe7e9580313354c1a 176680 debug optional nettle-bin-dbgsym_3.4-1ubuntu0.1_s390x.ddeb e04a2b74c2ce6f985672cdac2107e1bf 24572 misc optional nettle-bin_3.4-1ubuntu0.1_s390x.deb b21fd306a4a53a592e9ee846448fd42a 961152 libdevel optional nettle-dev_3.4-1ubuntu0.1_s390x.deb 3ffa26ddd7520adc6826e4521a2a52b2 7063 libs optional nettle_3.4-1ubuntu0.1_s390x.buildinfo Original-Maintainer: Magnus Holmgren