nettle 2.7.1-1ubuntu0.2 source package in Ubuntu

Changelog

nettle (2.7.1-1ubuntu0.2) trusty-security; urgency=medium

  * SECURITY UPDATE: RSA cache timing side-channel attack
    - debian/patches/CVE-2016-6489.patch: use mpz_powm_sec and check for
      invalid keys in dsa-sign.c, rsa-blind.c, rsa-pkcs1-sign-tr.c,
      rsa-pkcs1-sign.c, rsa-sign.c, rsa.c, testsuite/rsa-test.c,
      rsa-decrypt-tr.c, rsa-decrypt.c.
    - CVE-2016-6489

 -- Marc Deslauriers <email address hidden>  Fri, 03 Feb 2017 08:40:39 -0500

Upload details

Uploaded by:
Marc Deslauriers on 2017-02-03
Uploaded to:
Trusty
Original maintainer:
Ubuntu Developers
Architectures:
any
Section:
libs
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Trusty updates on 2017-02-06 main libs
Trusty security on 2017-02-06 main libs

Downloads

File Size SHA-256 Checksum
nettle_2.7.1.orig.tar.gz 1.5 MiB bc71ebd43435537d767799e414fce88e521b7278d48c860651216e1fc6555b40
nettle_2.7.1-1ubuntu0.2.debian.tar.gz 22.8 KiB 97d0e98d54c01d0dd7ca2a7d8b1d6929c1752f5563139e90f25796ca901ca2ca
nettle_2.7.1-1ubuntu0.2.dsc 2.1 KiB fb5b63a5aeb202779b73c85266ebd807b5a5f948c9240cf7c0d0049592485151

View changes file

Binary packages built by this source

libhogweed2: low level cryptographic library (public-key cryptos)

 Nettle is a cryptographic library that is designed to fit easily in more or
 less any context: In crypto toolkits for object-oriented languages (C++,
 Python, Pike, ...), in applications like LSH or GNUPG, or even in kernel
 space.
 .
 It tries to solve a problem of providing a common set of cryptographic
 algorithms for higher-level applications by implementing a
 context-independent set of cryptographic algorithms. In that light, Nettle
 doesn't do any memory allocation or I/O, it simply provides the
 cryptographic algorithms for the application to use in any environment and
 in any way it needs.
 .
 This package contains the asymmetric cryptographic algorithms, which,
 require the GNU multiple precision arithmetic library (libgmp) for
 their large integer computations.

libhogweed2-dbgsym: debug symbols for package libhogweed2

 Nettle is a cryptographic library that is designed to fit easily in more or
 less any context: In crypto toolkits for object-oriented languages (C++,
 Python, Pike, ...), in applications like LSH or GNUPG, or even in kernel
 space.
 .
 It tries to solve a problem of providing a common set of cryptographic
 algorithms for higher-level applications by implementing a
 context-independent set of cryptographic algorithms. In that light, Nettle
 doesn't do any memory allocation or I/O, it simply provides the
 cryptographic algorithms for the application to use in any environment and
 in any way it needs.
 .
 This package contains the asymmetric cryptographic algorithms, which,
 require the GNU multiple precision arithmetic library (libgmp) for
 their large integer computations.

libnettle4: low level cryptographic library (symmetric and one-way cryptos)

 Nettle is a cryptographic library that is designed to fit easily in more or
 less any context: In crypto toolkits for object-oriented languages (C++,
 Python, Pike, ...), in applications like LSH or GNUPG, or even in kernel
 space.
 .
 It tries to solve a problem of providing a common set of cryptographic
 algorithms for higher-level applications by implementing a
 context-independent set of cryptographic algorithms. In that light, Nettle
 doesn't do any memory allocation or I/O, it simply provides the
 cryptographic algorithms for the application to use in any environment and
 in any way it needs.
 .
 This package contains the symmetric and one-way cryptographic
 algorithms. To avoid having this package depend on libgmp, the
 asymmetric cryptos reside in a separate library, libhogweed.

libnettle4-dbgsym: debug symbols for package libnettle4

 Nettle is a cryptographic library that is designed to fit easily in more or
 less any context: In crypto toolkits for object-oriented languages (C++,
 Python, Pike, ...), in applications like LSH or GNUPG, or even in kernel
 space.
 .
 It tries to solve a problem of providing a common set of cryptographic
 algorithms for higher-level applications by implementing a
 context-independent set of cryptographic algorithms. In that light, Nettle
 doesn't do any memory allocation or I/O, it simply provides the
 cryptographic algorithms for the application to use in any environment and
 in any way it needs.
 .
 This package contains the symmetric and one-way cryptographic
 algorithms. To avoid having this package depend on libgmp, the
 asymmetric cryptos reside in a separate library, libhogweed.

nettle-bin: low level cryptographic library (binary tools)

 Nettle is a cryptographic library that is designed to fit easily in more or
 less any context: In crypto toolkits for object-oriented languages (C++,
 Python, Pike, ...), in applications like LSH or GNUPG, or even in kernel
 space.
 .
 It tries to solve a problem of providing a common set of cryptographic
 algorithms for higher-level applications by implementing a
 context-independent set of cryptographic algorithms. In that light, Nettle
 doesn't do any memory allocation or I/O, it simply provides the
 cryptographic algorithms for the application to use in any environment and
 in any way it needs.
 .
 This package contains binary utilities that accompany the library:
 .
    - nettle-lfib-stream - generates a pseudo-random stream, using the Knuth
      lfib (non-cryptographic) pseudo-random generator.
    - sexp-conv - conversion tool for handling the different flavours of sexp
      syntax.
    - pkcs1-conv - converts PKCS#1 keys to sexp format.
    - nettle-hash - command-line tool to compute message digests such as SHA-1.

nettle-bin-dbgsym: debug symbols for package nettle-bin

 Nettle is a cryptographic library that is designed to fit easily in more or
 less any context: In crypto toolkits for object-oriented languages (C++,
 Python, Pike, ...), in applications like LSH or GNUPG, or even in kernel
 space.
 .
 It tries to solve a problem of providing a common set of cryptographic
 algorithms for higher-level applications by implementing a
 context-independent set of cryptographic algorithms. In that light, Nettle
 doesn't do any memory allocation or I/O, it simply provides the
 cryptographic algorithms for the application to use in any environment and
 in any way it needs.
 .
 This package contains binary utilities that accompany the library:
 .
    - nettle-lfib-stream - generates a pseudo-random stream, using the Knuth
      lfib (non-cryptographic) pseudo-random generator.
    - sexp-conv - conversion tool for handling the different flavours of sexp
      syntax.
    - pkcs1-conv - converts PKCS#1 keys to sexp format.
    - nettle-hash - command-line tool to compute message digests such as SHA-1.

nettle-dbg: low level cryptographic library (debugging symbols)

 Nettle is a cryptographic library that is designed to fit easily in more or
 less any context: In crypto toolkits for object-oriented languages (C++,
 Python, Pike, ...), in applications like LSH or GNUPG, or even in kernel
 space.
 .
 This package contains the debugging symbols for all binary packages.

nettle-dev: low level cryptographic library (development files)

 Nettle is a cryptographic library that is designed to fit easily in more or
 less any context: In crypto toolkits for object-oriented languages (C++,
 Python, Pike, ...), in applications like LSH or GNUPG, or even in kernel
 space.
 .
 It tries to solve a problem of providing a common set of cryptographic
 algorithms for higher-level applications by implementing a
 context-independent set of cryptographic algorithms. In that light, Nettle
 doesn't do any memory allocation or I/O, it simply provides the
 cryptographic algorithms for the application to use in any environment and
 in any way it needs.
 .
 This package contains the development files (C headers and static libraries)

nettle-dev-dbgsym: debug symbols for package nettle-dev

 Nettle is a cryptographic library that is designed to fit easily in more or
 less any context: In crypto toolkits for object-oriented languages (C++,
 Python, Pike, ...), in applications like LSH or GNUPG, or even in kernel
 space.
 .
 It tries to solve a problem of providing a common set of cryptographic
 algorithms for higher-level applications by implementing a
 context-independent set of cryptographic algorithms. In that light, Nettle
 doesn't do any memory allocation or I/O, it simply provides the
 cryptographic algorithms for the application to use in any environment and
 in any way it needs.
 .
 This package contains the development files (C headers and static libraries)