Format: 1.8 Date: Mon, 14 Jun 2021 09:33:12 -0400 Source: nettle Binary: libnettle6 libhogweed4 nettle-dev nettle-bin Architecture: ppc64el Version: 3.4.1-0ubuntu0.18.04.1 Distribution: bionic Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: libhogweed4 - low level cryptographic library (public-key cryptos) libnettle6 - low level cryptographic library (symmetric and one-way cryptos) nettle-bin - low level cryptographic library (binary tools) nettle-dev - low level cryptographic library (development files) Changes: nettle (3.4.1-0ubuntu0.18.04.1) bionic-security; urgency=medium . * SECURITY UPDATE: Bleichenbacher type side-channel based padding oracle attack in endian conversion of RSA decrypted PKCS#1 v1.5 data - Updated to upstream 3.4.1 tarball. - debian/*symbols: added new 3.4.1 symbols. - CVE-2018-16869 * SECURITY UPDATE: crash in RSA decryption via manipulated ciphertext - debian/patches/CVE-2021-3580-1.patch: change _rsa_sec_compute_root_tr to take a fixed input size in rsa-decrypt-tr.c, rsa-internal.h, rsa-sec-decrypt.c, rsa-sign-tr.c, testsuite/rsa-encrypt-test.c. - debian/patches/CVE-2021-3580-2.patch: add input check to rsa_decrypt family of functions in rsa-decrypt-tr.c, rsa-decrypt.c, rsa-sec-decrypt.c, rsa.h, testsuite/rsa-encrypt-test.c. - CVE-2021-3580 Checksums-Sha1: 3549040fb7510b9eb83cfbce51a6cc9268eb885a 193712 libhogweed4-dbgsym_3.4.1-0ubuntu0.18.04.1_ppc64el.ddeb 5eb0f40625373229dbf136ba3a93df50ed223b18 138376 libhogweed4_3.4.1-0ubuntu0.18.04.1_ppc64el.deb 81d1754e562f61a71dff36dda2ca2f8cea46ac49 240408 libnettle6-dbgsym_3.4.1-0ubuntu0.18.04.1_ppc64el.ddeb c98cc69b0d7b9b6b00caa6aa8a01f73a14c8c698 139492 libnettle6_3.4.1-0ubuntu0.18.04.1_ppc64el.deb e4a925d4a1a0b12de961adb8fbfd3de518c34728 183684 nettle-bin-dbgsym_3.4.1-0ubuntu0.18.04.1_ppc64el.ddeb e4c122c74ee64f6529fda1c0681317321b6f0be4 27064 nettle-bin_3.4.1-0ubuntu0.18.04.1_ppc64el.deb 3cccac1b7b937e1575640e7557ceaf8a19861018 988088 nettle-dev_3.4.1-0ubuntu0.18.04.1_ppc64el.deb 207f8a92184ebb2cfb7b6152b084fd936122730c 7367 nettle_3.4.1-0ubuntu0.18.04.1_ppc64el.buildinfo Checksums-Sha256: 3db8aacb2583d7dce2eed2abfe529d95da5d7551b3609293f2e73d48b073f2cf 193712 libhogweed4-dbgsym_3.4.1-0ubuntu0.18.04.1_ppc64el.ddeb 46da8f2079c1e3e267589020212fce162ac6ec663d077b77d216ff69d017e42c 138376 libhogweed4_3.4.1-0ubuntu0.18.04.1_ppc64el.deb 6b8a7e6d19a5d1a1dee94be354fe5920b5ee4a8eab3d1313a7794d98f907f525 240408 libnettle6-dbgsym_3.4.1-0ubuntu0.18.04.1_ppc64el.ddeb b55459e6329ecac86765b413f0ed00fcaf78686051389c996d0aeb448d47eb1e 139492 libnettle6_3.4.1-0ubuntu0.18.04.1_ppc64el.deb 3750d5089248e51433a5c51164a0ceba58009f79edaffa4517e88543283ed64e 183684 nettle-bin-dbgsym_3.4.1-0ubuntu0.18.04.1_ppc64el.ddeb 274a49d45ef7c2921032907beeea4d1c23c633097230e924e170ef418876fe80 27064 nettle-bin_3.4.1-0ubuntu0.18.04.1_ppc64el.deb 9cadc90463d947361aa153c843f5926b95893d43d8e6d18bab4ff42722551537 988088 nettle-dev_3.4.1-0ubuntu0.18.04.1_ppc64el.deb 9a317b58c2c2b59efaf9c29bdd9312d927d9a730787e21a6c5bd4ea395665159 7367 nettle_3.4.1-0ubuntu0.18.04.1_ppc64el.buildinfo Files: 95b3c321ce6ba64f0eaca07d124386fb 193712 debug optional libhogweed4-dbgsym_3.4.1-0ubuntu0.18.04.1_ppc64el.ddeb d5a1079ffb1cbddfb03b8b0d1f92d989 138376 libs optional libhogweed4_3.4.1-0ubuntu0.18.04.1_ppc64el.deb 043499300a6297d3edef3841a9c4bb73 240408 debug optional libnettle6-dbgsym_3.4.1-0ubuntu0.18.04.1_ppc64el.ddeb 11ce8f6a2ced3be85dade4fd5c89c724 139492 libs optional libnettle6_3.4.1-0ubuntu0.18.04.1_ppc64el.deb ace124ad962cc0ba04b93ff758df12e0 183684 debug optional nettle-bin-dbgsym_3.4.1-0ubuntu0.18.04.1_ppc64el.ddeb 41a6eb9ea52e9efe5d875b43009a6307 27064 misc optional nettle-bin_3.4.1-0ubuntu0.18.04.1_ppc64el.deb be844f9842e8a83979e7fb7e13803ca2 988088 libdevel optional nettle-dev_3.4.1-0ubuntu0.18.04.1_ppc64el.deb 6bb1dc94002e102c691ce98b87f6f39e 7367 libs optional nettle_3.4.1-0ubuntu0.18.04.1_ppc64el.buildinfo Original-Maintainer: Magnus Holmgren