# nettle 2.7.1-1ubuntu0.2 source package in Ubuntu

## Changelog

nettle (2.7.1-1ubuntu0.2) trusty-security; urgency=medium * SECURITY UPDATE: RSA cache timing side-channel attack - debian/patches/CVE-2016-6489.patch: use mpz_powm_sec and check for invalid keys in dsa-sign.c, rsa-blind.c, rsa-pkcs1-sign-tr.c, rsa-pkcs1-sign.c, rsa-sign.c, rsa.c, testsuite/rsa-test.c, rsa-decrypt-tr.c, rsa-decrypt.c. - CVE-2016-6489 -- Marc Deslauriers <email address hidden> Fri, 03 Feb 2017 08:40:39 -0500

## Upload details

- Uploaded by:
- Marc Deslauriers

- Uploaded to:
- Trusty

- Original maintainer:
- Ubuntu Developers

- Architectures:
- any

- Section:
- libs

- Urgency:
- Medium Urgency

## See full publishing history Publishing

Series | Published | Component | Section | |
---|---|---|---|---|

Trusty | updates | main | libs | |

Trusty | security | main | libs |

## Downloads

File | Size | SHA-256 Checksum |
---|---|---|

nettle_2.7.1.orig.tar.gz | 1.5 MiB | bc71ebd43435537d767799e414fce88e521b7278d48c860651216e1fc6555b40 |

nettle_2.7.1-1ubuntu0.2.debian.tar.gz | 22.8 KiB | 97d0e98d54c01d0dd7ca2a7d8b1d6929c1752f5563139e90f25796ca901ca2ca |

nettle_2.7.1-1ubuntu0.2.dsc | 2.1 KiB | fb5b63a5aeb202779b73c85266ebd807b5a5f948c9240cf7c0d0049592485151 |

### Available diffs

## Binary packages built by this source

- libhogweed2: low level cryptographic library (public-key cryptos)
Nettle is a cryptographic library that is designed to fit easily in more or

less any context: In crypto toolkits for object-oriented languages (C++,

Python, Pike, ...), in applications like LSH or GNUPG, or even in kernel

space.

.

It tries to solve a problem of providing a common set of cryptographic

algorithms for higher-level applications by implementing a

context-independent set of cryptographic algorithms. In that light, Nettle

doesn't do any memory allocation or I/O, it simply provides the

cryptographic algorithms for the application to use in any environment and

in any way it needs.

.

This package contains the asymmetric cryptographic algorithms, which,

require the GNU multiple precision arithmetic library (libgmp) for

their large integer computations.

- libhogweed2-dbgsym: debug symbols for package libhogweed2
Nettle is a cryptographic library that is designed to fit easily in more or

less any context: In crypto toolkits for object-oriented languages (C++,

Python, Pike, ...), in applications like LSH or GNUPG, or even in kernel

space.

.

It tries to solve a problem of providing a common set of cryptographic

algorithms for higher-level applications by implementing a

context-independent set of cryptographic algorithms. In that light, Nettle

doesn't do any memory allocation or I/O, it simply provides the

cryptographic algorithms for the application to use in any environment and

in any way it needs.

.

This package contains the asymmetric cryptographic algorithms, which,

require the GNU multiple precision arithmetic library (libgmp) for

their large integer computations.

- libnettle4: low level cryptographic library (symmetric and one-way cryptos)
Nettle is a cryptographic library that is designed to fit easily in more or

less any context: In crypto toolkits for object-oriented languages (C++,

Python, Pike, ...), in applications like LSH or GNUPG, or even in kernel

space.

.

It tries to solve a problem of providing a common set of cryptographic

algorithms for higher-level applications by implementing a

context-independent set of cryptographic algorithms. In that light, Nettle

doesn't do any memory allocation or I/O, it simply provides the

cryptographic algorithms for the application to use in any environment and

in any way it needs.

.

This package contains the symmetric and one-way cryptographic

algorithms. To avoid having this package depend on libgmp, the

asymmetric cryptos reside in a separate library, libhogweed.

- libnettle4-dbgsym: debug symbols for package libnettle4
Nettle is a cryptographic library that is designed to fit easily in more or

less any context: In crypto toolkits for object-oriented languages (C++,

Python, Pike, ...), in applications like LSH or GNUPG, or even in kernel

space.

.

It tries to solve a problem of providing a common set of cryptographic

algorithms for higher-level applications by implementing a

context-independent set of cryptographic algorithms. In that light, Nettle

doesn't do any memory allocation or I/O, it simply provides the

cryptographic algorithms for the application to use in any environment and

in any way it needs.

.

This package contains the symmetric and one-way cryptographic

algorithms. To avoid having this package depend on libgmp, the

asymmetric cryptos reside in a separate library, libhogweed.

- nettle-bin: low level cryptographic library (binary tools)
Nettle is a cryptographic library that is designed to fit easily in more or

less any context: In crypto toolkits for object-oriented languages (C++,

Python, Pike, ...), in applications like LSH or GNUPG, or even in kernel

space.

.

It tries to solve a problem of providing a common set of cryptographic

algorithms for higher-level applications by implementing a

context-independent set of cryptographic algorithms. In that light, Nettle

doesn't do any memory allocation or I/O, it simply provides the

cryptographic algorithms for the application to use in any environment and

in any way it needs.

.

This package contains binary utilities that accompany the library:

.

- nettle-lfib-stream - generates a pseudo-random stream, using the Knuth

lfib (non-cryptographic) pseudo-random generator.

- sexp-conv - conversion tool for handling the different flavours of sexp

syntax.

- pkcs1-conv - converts PKCS#1 keys to sexp format.

- nettle-hash - command-line tool to compute message digests such as SHA-1.

- nettle-bin-dbgsym: debug symbols for package nettle-bin
Nettle is a cryptographic library that is designed to fit easily in more or

less any context: In crypto toolkits for object-oriented languages (C++,

Python, Pike, ...), in applications like LSH or GNUPG, or even in kernel

space.

.

It tries to solve a problem of providing a common set of cryptographic

algorithms for higher-level applications by implementing a

context-independent set of cryptographic algorithms. In that light, Nettle

doesn't do any memory allocation or I/O, it simply provides the

cryptographic algorithms for the application to use in any environment and

in any way it needs.

.

This package contains binary utilities that accompany the library:

.

- nettle-lfib-stream - generates a pseudo-random stream, using the Knuth

lfib (non-cryptographic) pseudo-random generator.

- sexp-conv - conversion tool for handling the different flavours of sexp

syntax.

- pkcs1-conv - converts PKCS#1 keys to sexp format.

- nettle-hash - command-line tool to compute message digests such as SHA-1.

- nettle-dbg: low level cryptographic library (debugging symbols)
Nettle is a cryptographic library that is designed to fit easily in more or

less any context: In crypto toolkits for object-oriented languages (C++,

Python, Pike, ...), in applications like LSH or GNUPG, or even in kernel

space.

.

This package contains the debugging symbols for all binary packages.

- nettle-dev: low level cryptographic library (development files)
Nettle is a cryptographic library that is designed to fit easily in more or

less any context: In crypto toolkits for object-oriented languages (C++,

Python, Pike, ...), in applications like LSH or GNUPG, or even in kernel

space.

.

It tries to solve a problem of providing a common set of cryptographic

algorithms for higher-level applications by implementing a

context-independent set of cryptographic algorithms. In that light, Nettle

doesn't do any memory allocation or I/O, it simply provides the

cryptographic algorithms for the application to use in any environment and

in any way it needs.

.

This package contains the development files (C headers and static libraries)

- nettle-dev-dbgsym: debug symbols for package nettle-dev
Nettle is a cryptographic library that is designed to fit easily in more or

less any context: In crypto toolkits for object-oriented languages (C++,

Python, Pike, ...), in applications like LSH or GNUPG, or even in kernel

space.

.

It tries to solve a problem of providing a common set of cryptographic

algorithms for higher-level applications by implementing a

context-independent set of cryptographic algorithms. In that light, Nettle

doesn't do any memory allocation or I/O, it simply provides the

cryptographic algorithms for the application to use in any environment and

in any way it needs.

.

This package contains the development files (C headers and static libraries)