Format: 1.8 Date: Mon, 14 Jun 2021 09:33:12 -0400 Source: nettle Binary: libnettle6 libhogweed4 nettle-dev nettle-bin Architecture: i386 Version: 3.4.1-0ubuntu0.18.04.1 Distribution: bionic Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: libhogweed4 - low level cryptographic library (public-key cryptos) libnettle6 - low level cryptographic library (symmetric and one-way cryptos) nettle-bin - low level cryptographic library (binary tools) nettle-dev - low level cryptographic library (development files) Changes: nettle (3.4.1-0ubuntu0.18.04.1) bionic-security; urgency=medium . * SECURITY UPDATE: Bleichenbacher type side-channel based padding oracle attack in endian conversion of RSA decrypted PKCS#1 v1.5 data - Updated to upstream 3.4.1 tarball. - debian/*symbols: added new 3.4.1 symbols. - CVE-2018-16869 * SECURITY UPDATE: crash in RSA decryption via manipulated ciphertext - debian/patches/CVE-2021-3580-1.patch: change _rsa_sec_compute_root_tr to take a fixed input size in rsa-decrypt-tr.c, rsa-internal.h, rsa-sec-decrypt.c, rsa-sign-tr.c, testsuite/rsa-encrypt-test.c. - debian/patches/CVE-2021-3580-2.patch: add input check to rsa_decrypt family of functions in rsa-decrypt-tr.c, rsa-decrypt.c, rsa-sec-decrypt.c, rsa.h, testsuite/rsa-encrypt-test.c. - CVE-2021-3580 Checksums-Sha1: 9a6240b826c3c1815f6a6253b1f49f4aae6a9abd 148536 libhogweed4-dbgsym_3.4.1-0ubuntu0.18.04.1_i386.ddeb 612b59f804dbc62346bff22cdee71c525dda9415 141852 libhogweed4_3.4.1-0ubuntu0.18.04.1_i386.deb f5cb7a13049e6b465def6cac7018765ed49cfab9 185204 libnettle6-dbgsym_3.4.1-0ubuntu0.18.04.1_i386.ddeb 3d22df51e798cd01eb9c8487f6031bf827b7eaf9 128380 libnettle6_3.4.1-0ubuntu0.18.04.1_i386.deb 788869662de4240c5c41bdc14246af7ffafa49ee 170176 nettle-bin-dbgsym_3.4.1-0ubuntu0.18.04.1_i386.ddeb 9bde88bf23fc430a09c1562d51affe4b106ea2c5 26404 nettle-bin_3.4.1-0ubuntu0.18.04.1_i386.deb 24accbf8495bceb1eb4c6efc5e78279b3473c8cb 977988 nettle-dev_3.4.1-0ubuntu0.18.04.1_i386.deb 50d68f0bef4e5b7ecaaadc592b6fa96b6bd07d05 7333 nettle_3.4.1-0ubuntu0.18.04.1_i386.buildinfo Checksums-Sha256: 5286670c3cef87333d9652e5a1fb2d02888dce3c4c3db160fb519a4a94f0e09e 148536 libhogweed4-dbgsym_3.4.1-0ubuntu0.18.04.1_i386.ddeb 67b36e59557c6c17c5092833973f4521e7180153053b8adf1e37b6bc6f25a1c0 141852 libhogweed4_3.4.1-0ubuntu0.18.04.1_i386.deb 08389b0f93ac61702af5b872b37ad3779df02ad223c4ba10af3f6052f143098a 185204 libnettle6-dbgsym_3.4.1-0ubuntu0.18.04.1_i386.ddeb b67c2447b978bca3df2fe0e15a3dd1f48925a19be61a553c4c96efb73fdbf85b 128380 libnettle6_3.4.1-0ubuntu0.18.04.1_i386.deb acf9b13c267f3a9e5071cbb202886a1443ee882954bfde7e69e0a2e28d48812b 170176 nettle-bin-dbgsym_3.4.1-0ubuntu0.18.04.1_i386.ddeb 682c8ab23dadaf162a058c96e7c55267fd943f9385e88652507de40e67cbdcf7 26404 nettle-bin_3.4.1-0ubuntu0.18.04.1_i386.deb 00b964afd9256344ab986241fee3ff69d1a6e90c3dc67046a0d96c07640e0a81 977988 nettle-dev_3.4.1-0ubuntu0.18.04.1_i386.deb 00e4ea160bf6bc8fe340e8986840d66fe863fb506b9ac7b7a653048ae2c26d08 7333 nettle_3.4.1-0ubuntu0.18.04.1_i386.buildinfo Files: e2025e4940c40c949e701dc99a4f86d6 148536 debug optional libhogweed4-dbgsym_3.4.1-0ubuntu0.18.04.1_i386.ddeb 533aea1f411728ed0ffb34d936fa588a 141852 libs optional libhogweed4_3.4.1-0ubuntu0.18.04.1_i386.deb 422f759b5f4dc23d8a0cf7d2408fc0af 185204 debug optional libnettle6-dbgsym_3.4.1-0ubuntu0.18.04.1_i386.ddeb 1a26888cf7c74271e5e0eb87945fb732 128380 libs optional libnettle6_3.4.1-0ubuntu0.18.04.1_i386.deb 0285493e52ef77febd6473a8e7fcb639 170176 debug optional nettle-bin-dbgsym_3.4.1-0ubuntu0.18.04.1_i386.ddeb 9108faf9325ad08544e83023447b22ce 26404 misc optional nettle-bin_3.4.1-0ubuntu0.18.04.1_i386.deb ce32d874181fdccffb4fedb6dca6c5ca 977988 libdevel optional nettle-dev_3.4.1-0ubuntu0.18.04.1_i386.deb adfc64c9b294e2cf396b4feac2c25e01 7333 libs optional nettle_3.4.1-0ubuntu0.18.04.1_i386.buildinfo Original-Maintainer: Magnus Holmgren