nettle 3.6-2ubuntu0.1 source package in Ubuntu

Changelog

nettle (3.6-2ubuntu0.1) groovy-security; urgency=medium

  * SECURITY UPDATE: Out of Bound memory access in signature verification
    - debian/patches/CVE-2021-20305-1.patch: new functions
      ecc_mod_mul_canonical and ecc_mod_sqr_canonical in
      curve25519-eh-to-x.c, curve448-eh-to-x.c, ecc-eh-to-a.c,
      ecc-internal.h, ecc-j-to-a.c, ecc-mod-arith.c, ecc-mul-m.c.
    - debian/patches/CVE-2021-20305-2.patch: use ecc_mod_mul_canonical for
      point comparison in eddsa-verify.c.
    - debian/patches/CVE-2021-20305-3.patch: fix bug in ecc_ecdsa_verify in
      ecc-ecdsa-verify.c, testsuite/ecdsa-sign-test.c.
    - debian/patches/CVE-2021-20305-4.patch: ensure ecdsa_sign output is
      canonically reduced in ecc-ecdsa-sign.c.
    - debian/patches/CVE-2021-20305-5.patch: analogous fix to
      ecc_gostdsa_verify in ecc-gostdsa-verify.c.
    - debian/patches/CVE-2021-20305-6.patch: similar fix for eddsa in
      eddsa-hash.c.
    - debian/patches/CVE-2021-20305-7.patch: fix canonical reduction in
      gostdsa_vko in gostdsa-vko.c.
    - debian/libhogweed6.symbols: added new symbols.
    - CVE-2021-20305

 -- Marc Deslauriers <email address hidden>  Tue, 06 Apr 2021 11:57:28 -0400

Upload details

Uploaded by:
Marc Deslauriers
Uploaded to:
Groovy
Original maintainer:
Ubuntu Developers
Architectures:
any
Section:
libs
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
nettle_3.6.orig.tar.gz 2.2 MiB d24c0d0f2abffbc8f4f34dcf114b0f131ec3774895f3555922fe2f40f3d5e3f1
nettle_3.6.orig.tar.gz.asc 573 bytes f0ee81d3120bb85ce2adee753568f68361d33b3fe363b6a15462b06bb9518ad1
nettle_3.6-2ubuntu0.1.debian.tar.xz 25.2 KiB 5c64076107208020366362e8a3f8ee1347adf0eea750d4938eefcd1f71b373f6
nettle_3.6-2ubuntu0.1.dsc 2.3 KiB 5069e2ea8f95466b98dcc7b59bb79475b3940197fed7d594bfe7389f86ae929b

View changes file

Binary packages built by this source

libhogweed6: low level cryptographic library (public-key cryptos)

 Nettle is a cryptographic library that is designed to fit easily in more or
 less any context: In crypto toolkits for object-oriented languages (C++,
 Python, Pike, ...), in applications like LSH or GNUPG, or even in kernel
 space.
 .
 It tries to solve a problem of providing a common set of cryptographic
 algorithms for higher-level applications by implementing a
 context-independent set of cryptographic algorithms. In that light, Nettle
 doesn't do any memory allocation or I/O, it simply provides the
 cryptographic algorithms for the application to use in any environment and
 in any way it needs.
 .
 This package contains the asymmetric cryptographic algorithms, which,
 require the GNU multiple precision arithmetic library (libgmp) for
 their large integer computations.

libhogweed6-dbgsym: debug symbols for libhogweed6
libnettle8: low level cryptographic library (symmetric and one-way cryptos)

 Nettle is a cryptographic library that is designed to fit easily in more or
 less any context: In crypto toolkits for object-oriented languages (C++,
 Python, Pike, ...), in applications like LSH or GNUPG, or even in kernel
 space.
 .
 It tries to solve a problem of providing a common set of cryptographic
 algorithms for higher-level applications by implementing a
 context-independent set of cryptographic algorithms. In that light, Nettle
 doesn't do any memory allocation or I/O, it simply provides the
 cryptographic algorithms for the application to use in any environment and
 in any way it needs.
 .
 This package contains the symmetric and one-way cryptographic
 algorithms. To avoid having this package depend on libgmp, the
 asymmetric cryptos reside in a separate library, libhogweed.

libnettle8-dbgsym: debug symbols for libnettle8
nettle-bin: low level cryptographic library (binary tools)

 Nettle is a cryptographic library that is designed to fit easily in more or
 less any context: In crypto toolkits for object-oriented languages (C++,
 Python, Pike, ...), in applications like LSH or GNUPG, or even in kernel
 space.
 .
 It tries to solve a problem of providing a common set of cryptographic
 algorithms for higher-level applications by implementing a
 context-independent set of cryptographic algorithms. In that light, Nettle
 doesn't do any memory allocation or I/O, it simply provides the
 cryptographic algorithms for the application to use in any environment and
 in any way it needs.
 .
 This package contains binary utilities that accompany the library:
 .
    - nettle-lfib-stream - generates a pseudo-random stream, using the Knuth
      lfib (non-cryptographic) pseudo-random generator.
    - sexp-conv - conversion tool for handling the different flavours of sexp
      syntax.
    - pkcs1-conv - converts PKCS#1 keys to sexp format.
    - nettle-hash - command-line tool to compute message digests such as SHA-1.

nettle-bin-dbgsym: debug symbols for nettle-bin
nettle-dev: low level cryptographic library (development files)

 Nettle is a cryptographic library that is designed to fit easily in more or
 less any context: In crypto toolkits for object-oriented languages (C++,
 Python, Pike, ...), in applications like LSH or GNUPG, or even in kernel
 space.
 .
 It tries to solve a problem of providing a common set of cryptographic
 algorithms for higher-level applications by implementing a
 context-independent set of cryptographic algorithms. In that light, Nettle
 doesn't do any memory allocation or I/O, it simply provides the
 cryptographic algorithms for the application to use in any environment and
 in any way it needs.
 .
 This package contains the development files (C headers and static libraries)