Update for 00Meta, 389-ds, 389-ds.10198, Graphic... recommended moderate

Security update for libnettle

This update for libnettle to version 3.4.1 fixes the following issues:

Issues addressed and new features:

- Updated to 3.4.1 (fate#327114 and bsc#1129598)
- Fixed a missing break statements in the parsing of PEM input files in pkcs1-conv.
- Fixed a link error on the pss-mgf1-test which was affecting builds without public key support.
- All functions using RSA private keys are now side-channel silent. This applies both to the
bignum calculations, which now use GMP's mpn_sec_* family of functions, and the processing of
PKCS#1 padding needed for RSA decryption.
- Changes in behavior:
The functions rsa_decrypt and rsa_decrypt_tr may now clobber all of the provided message
buffer, independent of the actual message length. They are side-channel silent, in that
branches and memory accesses don't depend on the validity or length of the message.
Side-channel leakage from the caller's use of length and return value may still provide
an oracle useable for a Bleichenbacher-style chosen ciphertext attack.
Which is why the new function rsa_sec_decrypt is recommended.

This update was imported from the SUSE:SLE-15:Update update project.

Fixed bugs
bnc#1129598
[TRACKERBUG] FATE#327114: [ECO] Update gnutls to 3.6.6 to support TLS 1.3
Selected Binaries
openSUSE Build Service is sponsored by