Publishing details

• Removed from disk on 2021-06-17.
• Removal requested on 2021-06-17.
• Deleted on 2021-06-17 by Marc Deslauriers
• Published on 2021-06-14

Changelog

nettle (3.4.1-0ubuntu0.18.04.1) bionic-security; urgency=medium

  * SECURITY UPDATE: Bleichenbacher type side-channel based padding oracle
    attack in endian conversion of RSA decrypted PKCS#1 v1.5 data
    - Updated to upstream 3.4.1 tarball.
    - debian/*symbols: added new 3.4.1 symbols.
    - CVE-2018-16869
  * SECURITY UPDATE: crash in RSA decryption via manipulated ciphertext
    - debian/patches/CVE-2021-3580-1.patch: change _rsa_sec_compute_root_tr
      to take a fixed input size in rsa-decrypt-tr.c, rsa-internal.h,
      rsa-sec-decrypt.c, rsa-sign-tr.c, testsuite/rsa-encrypt-test.c.
    - debian/patches/CVE-2021-3580-2.patch: add input check to rsa_decrypt
      family of functions in rsa-decrypt-tr.c, rsa-decrypt.c,
      rsa-sec-decrypt.c, rsa.h, testsuite/rsa-encrypt-test.c.
    - CVE-2021-3580

 -- Marc Deslauriers <email address hidden>  Mon, 14 Jun 2021 09:33:12 -0400

Builds

• amd64
• arm64
• armhf
• i386
• ppc64el
• s390x

Package files

• libhogweed4-dbgsym_3.4.1-0ubuntu0.18.04.1_amd64.ddeb (178.6 KiB)
• libhogweed4-dbgsym_3.4.1-0ubuntu0.18.04.1_arm64.ddeb (184.7 KiB)
• libhogweed4-dbgsym_3.4.1-0ubuntu0.18.04.1_armhf.ddeb (169.5 KiB)
• libhogweed4-dbgsym_3.4.1-0ubuntu0.18.04.1_i386.ddeb (145.1 KiB)
• libhogweed4-dbgsym_3.4.1-0ubuntu0.18.04.1_ppc64el.ddeb (189.2 KiB)
• libhogweed4-dbgsym_3.4.1-0ubuntu0.18.04.1_s390x.ddeb (181.2 KiB)
• libhogweed4_3.4.1-0ubuntu0.18.04.1_amd64.deb (136.6 KiB)
• libhogweed4_3.4.1-0ubuntu0.18.04.1_arm64.deb (128.7 KiB)
• libhogweed4_3.4.1-0ubuntu0.18.04.1_armhf.deb (126.2 KiB)
• libhogweed4_3.4.1-0ubuntu0.18.04.1_i386.deb (138.5 KiB)
• libhogweed4_3.4.1-0ubuntu0.18.04.1_ppc64el.deb (135.1 KiB)
• libhogweed4_3.4.1-0ubuntu0.18.04.1_s390x.deb (135.0 KiB)
• libnettle6-dbgsym_3.4.1-0ubuntu0.18.04.1_amd64.ddeb (187.3 KiB)
• libnettle6-dbgsym_3.4.1-0ubuntu0.18.04.1_arm64.ddeb (212.4 KiB)
• libnettle6-dbgsym_3.4.1-0ubuntu0.18.04.1_armhf.ddeb (202.8 KiB)
• libnettle6-dbgsym_3.4.1-0ubuntu0.18.04.1_i386.ddeb (180.9 KiB)
• libnettle6-dbgsym_3.4.1-0ubuntu0.18.04.1_ppc64el.ddeb (234.8 KiB)
• libnettle6-dbgsym_3.4.1-0ubuntu0.18.04.1_s390x.ddeb (210.2 KiB)
• libnettle6_3.4.1-0ubuntu0.18.04.1_amd64.deb (108.2 KiB)
• libnettle6_3.4.1-0ubuntu0.18.04.1_arm64.deb (112.5 KiB)
• libnettle6_3.4.1-0ubuntu0.18.04.1_armhf.deb (121.4 KiB)
• libnettle6_3.4.1-0ubuntu0.18.04.1_i386.deb (125.4 KiB)
• libnettle6_3.4.1-0ubuntu0.18.04.1_ppc64el.deb (136.2 KiB)
• libnettle6_3.4.1-0ubuntu0.18.04.1_s390x.deb (118.8 KiB)
• nettle-bin-dbgsym_3.4.1-0ubuntu0.18.04.1_amd64.ddeb (171.9 KiB)
• nettle-bin-dbgsym_3.4.1-0ubuntu0.18.04.1_arm64.ddeb (175.4 KiB)
• nettle-bin-dbgsym_3.4.1-0ubuntu0.18.04.1_armhf.ddeb (175.0 KiB)
• nettle-bin-dbgsym_3.4.1-0ubuntu0.18.04.1_i386.ddeb (166.2 KiB)
• nettle-bin-dbgsym_3.4.1-0ubuntu0.18.04.1_ppc64el.ddeb (179.4 KiB)
• nettle-bin-dbgsym_3.4.1-0ubuntu0.18.04.1_s390x.ddeb (172.5 KiB)
• nettle-bin_3.4.1-0ubuntu0.18.04.1_amd64.deb (24.9 KiB)
• nettle-bin_3.4.1-0ubuntu0.18.04.1_arm64.deb (23.3 KiB)
• nettle-bin_3.4.1-0ubuntu0.18.04.1_armhf.deb (22.4 KiB)
• nettle-bin_3.4.1-0ubuntu0.18.04.1_i386.deb (25.8 KiB)
• nettle-bin_3.4.1-0ubuntu0.18.04.1_ppc64el.deb (26.4 KiB)
• nettle-bin_3.4.1-0ubuntu0.18.04.1_s390x.deb (24.0 KiB)
• nettle-dev_3.4.1-0ubuntu0.18.04.1_amd64.deb (932.1 KiB)
• nettle-dev_3.4.1-0ubuntu0.18.04.1_arm64.deb (934.5 KiB)
• nettle-dev_3.4.1-0ubuntu0.18.04.1_armhf.deb (937.8 KiB)
• nettle-dev_3.4.1-0ubuntu0.18.04.1_i386.deb (955.1 KiB)
• nettle-dev_3.4.1-0ubuntu0.18.04.1_ppc64el.deb (964.9 KiB)
• nettle-dev_3.4.1-0ubuntu0.18.04.1_s390x.deb (941.8 KiB)
• nettle_3.4.1-0ubuntu0.18.04.1.debian.tar.xz (26.4 KiB)
• nettle_3.4.1-0ubuntu0.18.04.1.dsc (2.1 KiB)
• nettle_3.4.1.orig.tar.gz (1.9 MiB)