Cryptographic Library

Edit Package libnettle

Nettle is a cryptographic library that is designed to fit easily in more or
less any context: In crypto toolkits for object-oriented languages (C++,
Python, Pike, ...), in applications like LSH or GNUPG, or even in kernel space.

Refresh
Refresh
Source Files
Filename Size Changed
baselibs.conf 0000000039 39 Bytes
libnettle-rpmlintrc 0000000103 103 Bytes
libnettle.changes 0000022035 21.5 KB
libnettle.keyring 0000002182 2.13 KB
libnettle.spec 0000005728 5.59 KB
nettle-3.7.3.tar.gz 0002383985 2.27 MB
nettle-3.7.3.tar.gz.sig 0000000374 374 Bytes
Revision 2 (latest revision is 3)
Gustavo Yokoyama Ribeiro's avatar Gustavo Yokoyama Ribeiro (gyribeiro) committed (revision 2)
- Update to 3.7.3 in SLE-15-SP4: [SLE-19765, jsc#SLE-18132]
  - Add libnettle-rpmlintrc
  - Remove patches upstream:
    * libnettle-CVE-2021-20305.patch
    * libnettle-CVE-2021-3580-rsa_decrypt.patch
    * libnettle-CVE-2021-3580-rsa_sec.patch
    * nettle-respect-cflags.patch

- GNU Nettle 3.7.3: [CVE-2021-3580, bsc#1187060]
  * Fix crash for zero input to rsa_sec_decrypt and
    rsa_decrypt_tr. Potential denial of service vector.
  * Ensure that all of rsa_decrypt_tr and rsa_sec_decrypt return
    failure for out of range inputs, instead of either crashing,
    or silently reducing input modulo n. Potential denial of
    service vector.
  * Ensure that rsa_decrypt returns failure for out of range
    inputs, instead of silently reducing input modulo n.
  * Ensure that rsa_sec_decrypt returns failure if the message
    size is too large for the given key. Unlike the other bugs,
    this would typically be triggered by invalid local
    configuration, rather than by processing untrusted remote
    data.

- GNU Nettle 3.7.2:
  * fix a bug in ECDSA signature verification that could lead to a
    denial of service attack (via an assertion failure) or possibly
    incorrect results (CVE-2021-20305, boo#1184401)
  * fix a few related problems where scalars are required to be
    canonically reduced modulo the ECC group order, but in fact may
    be slightly larger
Comments 0
openSUSE Build Service is sponsored by