nettle 3.2-1ubuntu0.16.04.1 source package in Ubuntu

Changelog

nettle (3.2-1ubuntu0.16.04.1) xenial-security; urgency=medium

  * SECURITY UPDATE: RSA cache timing side-channel attack
    - debian/patches/CVE-2016-6489.patch: use mpz_powm_sec and check for
      invalid keys in bignum.h, configure.ac, dsa-sign.c, rsa-blind.c,
      rsa-sign-tr.c, rsa-sign.c, rsa.c, testsuite/rsa-test.c.
    - CVE-2016-6489

 -- Marc Deslauriers <email address hidden>  Fri, 03 Feb 2017 08:22:52 -0500

Upload details

Uploaded by:
Marc Deslauriers on 2017-02-03
Uploaded to:
Xenial
Original maintainer:
Ubuntu Developers
Architectures:
any
Section:
libs
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Xenial updates on 2017-02-06 main libs
Xenial security on 2017-02-06 main libs

Downloads

File Size SHA-256 Checksum
nettle_3.2.orig.tar.gz 1.8 MiB ea4283def236413edab5a4cf9cf32adf540c8df1b9b67641cfc2302fca849d97
nettle_3.2-1ubuntu0.16.04.1.debian.tar.xz 20.8 KiB 49e9715ec8f211831efeaa90122fb16126e39d2cf0739fecd572621b5e55a097
nettle_3.2-1ubuntu0.16.04.1.dsc 2.1 KiB 15cbaa7c21e695c264ee3ec33be7ead629816f34cd0e2ea910300d9f6f084835

View changes file

Binary packages built by this source

libhogweed4: low level cryptographic library (public-key cryptos)

 Nettle is a cryptographic library that is designed to fit easily in more or
 less any context: In crypto toolkits for object-oriented languages (C++,
 Python, Pike, ...), in applications like LSH or GNUPG, or even in kernel
 space.
 .
 It tries to solve a problem of providing a common set of cryptographic
 algorithms for higher-level applications by implementing a
 context-independent set of cryptographic algorithms. In that light, Nettle
 doesn't do any memory allocation or I/O, it simply provides the
 cryptographic algorithms for the application to use in any environment and
 in any way it needs.
 .
 This package contains the asymmetric cryptographic algorithms, which,
 require the GNU multiple precision arithmetic library (libgmp) for
 their large integer computations.

libhogweed4-dbgsym: debug symbols for package libhogweed4

 Nettle is a cryptographic library that is designed to fit easily in more or
 less any context: In crypto toolkits for object-oriented languages (C++,
 Python, Pike, ...), in applications like LSH or GNUPG, or even in kernel
 space.
 .
 It tries to solve a problem of providing a common set of cryptographic
 algorithms for higher-level applications by implementing a
 context-independent set of cryptographic algorithms. In that light, Nettle
 doesn't do any memory allocation or I/O, it simply provides the
 cryptographic algorithms for the application to use in any environment and
 in any way it needs.
 .
 This package contains the asymmetric cryptographic algorithms, which,
 require the GNU multiple precision arithmetic library (libgmp) for
 their large integer computations.

libnettle6: low level cryptographic library (symmetric and one-way cryptos)

 Nettle is a cryptographic library that is designed to fit easily in more or
 less any context: In crypto toolkits for object-oriented languages (C++,
 Python, Pike, ...), in applications like LSH or GNUPG, or even in kernel
 space.
 .
 It tries to solve a problem of providing a common set of cryptographic
 algorithms for higher-level applications by implementing a
 context-independent set of cryptographic algorithms. In that light, Nettle
 doesn't do any memory allocation or I/O, it simply provides the
 cryptographic algorithms for the application to use in any environment and
 in any way it needs.
 .
 This package contains the symmetric and one-way cryptographic
 algorithms. To avoid having this package depend on libgmp, the
 asymmetric cryptos reside in a separate library, libhogweed.

libnettle6-dbgsym: debug symbols for package libnettle6

 Nettle is a cryptographic library that is designed to fit easily in more or
 less any context: In crypto toolkits for object-oriented languages (C++,
 Python, Pike, ...), in applications like LSH or GNUPG, or even in kernel
 space.
 .
 It tries to solve a problem of providing a common set of cryptographic
 algorithms for higher-level applications by implementing a
 context-independent set of cryptographic algorithms. In that light, Nettle
 doesn't do any memory allocation or I/O, it simply provides the
 cryptographic algorithms for the application to use in any environment and
 in any way it needs.
 .
 This package contains the symmetric and one-way cryptographic
 algorithms. To avoid having this package depend on libgmp, the
 asymmetric cryptos reside in a separate library, libhogweed.

nettle-bin: low level cryptographic library (binary tools)

 Nettle is a cryptographic library that is designed to fit easily in more or
 less any context: In crypto toolkits for object-oriented languages (C++,
 Python, Pike, ...), in applications like LSH or GNUPG, or even in kernel
 space.
 .
 It tries to solve a problem of providing a common set of cryptographic
 algorithms for higher-level applications by implementing a
 context-independent set of cryptographic algorithms. In that light, Nettle
 doesn't do any memory allocation or I/O, it simply provides the
 cryptographic algorithms for the application to use in any environment and
 in any way it needs.
 .
 This package contains binary utilities that accompany the library:
 .
    - nettle-lfib-stream - generates a pseudo-random stream, using the Knuth
      lfib (non-cryptographic) pseudo-random generator.
    - sexp-conv - conversion tool for handling the different flavours of sexp
      syntax.
    - pkcs1-conv - converts PKCS#1 keys to sexp format.
    - nettle-hash - command-line tool to compute message digests such as SHA-1.

nettle-bin-dbgsym: debug symbols for package nettle-bin

 Nettle is a cryptographic library that is designed to fit easily in more or
 less any context: In crypto toolkits for object-oriented languages (C++,
 Python, Pike, ...), in applications like LSH or GNUPG, or even in kernel
 space.
 .
 It tries to solve a problem of providing a common set of cryptographic
 algorithms for higher-level applications by implementing a
 context-independent set of cryptographic algorithms. In that light, Nettle
 doesn't do any memory allocation or I/O, it simply provides the
 cryptographic algorithms for the application to use in any environment and
 in any way it needs.
 .
 This package contains binary utilities that accompany the library:
 .
    - nettle-lfib-stream - generates a pseudo-random stream, using the Knuth
      lfib (non-cryptographic) pseudo-random generator.
    - sexp-conv - conversion tool for handling the different flavours of sexp
      syntax.
    - pkcs1-conv - converts PKCS#1 keys to sexp format.
    - nettle-hash - command-line tool to compute message digests such as SHA-1.

nettle-dbg: low level cryptographic library (debugging symbols)

 Nettle is a cryptographic library that is designed to fit easily in more or
 less any context: In crypto toolkits for object-oriented languages (C++,
 Python, Pike, ...), in applications like LSH or GNUPG, or even in kernel
 space.
 .
 This package contains the debugging symbols for all binary packages.

nettle-dev: low level cryptographic library (development files)

 Nettle is a cryptographic library that is designed to fit easily in more or
 less any context: In crypto toolkits for object-oriented languages (C++,
 Python, Pike, ...), in applications like LSH or GNUPG, or even in kernel
 space.
 .
 It tries to solve a problem of providing a common set of cryptographic
 algorithms for higher-level applications by implementing a
 context-independent set of cryptographic algorithms. In that light, Nettle
 doesn't do any memory allocation or I/O, it simply provides the
 cryptographic algorithms for the application to use in any environment and
 in any way it needs.
 .
 This package contains the development files (C headers and static libraries)

nettle-dev-dbgsym: debug symbols for package nettle-dev

 Nettle is a cryptographic library that is designed to fit easily in more or
 less any context: In crypto toolkits for object-oriented languages (C++,
 Python, Pike, ...), in applications like LSH or GNUPG, or even in kernel
 space.
 .
 It tries to solve a problem of providing a common set of cryptographic
 algorithms for higher-level applications by implementing a
 context-independent set of cryptographic algorithms. In that light, Nettle
 doesn't do any memory allocation or I/O, it simply provides the
 cryptographic algorithms for the application to use in any environment and
 in any way it needs.
 .
 This package contains the development files (C headers and static libraries)