Security update for libnettle
This update for libnettle fixes the following issues:
- CVE-2016-6489:
* Reject invalid RSA keys with even modulo.
* Check for invalid keys, with even p, in dsa_sign().
* Use function mpz_powm_sec() instead of mpz_powm() (bsc#991464).
This update was imported from the SUSE:SLE-12:Update update project.
-
Submitted by
Pedro Monreal Gonzalez (pmonrealgonzalez)
Fixed bugs
bnc#991464
VUL-0: CVE-2016-6489: libnettle: RSA code is vulnerable to cache-timing related attacks
