nettle 3.5.1+really3.5.1-2ubuntu0.2 source package in Ubuntu
Changelog
nettle (3.5.1+really3.5.1-2ubuntu0.2) focal-security; urgency=medium * SECURITY UPDATE: crash in RSA decryption via manipulated ciphertext - debian/patches/CVE-2021-3580-1.patch: change _rsa_sec_compute_root_tr to take a fixed input size in rsa-decrypt-tr.c, rsa-internal.h, rsa-sec-decrypt.c, rsa-sign-tr.c, testsuite/rsa-encrypt-test.c. - debian/patches/CVE-2021-3580-2.patch: add input check to rsa_decrypt family of functions in rsa-decrypt-tr.c, rsa-decrypt.c, rsa-sec-decrypt.c, rsa.h, testsuite/rsa-encrypt-test.c. - CVE-2021-3580 -- Marc Deslauriers <email address hidden> Mon, 14 Jun 2021 09:18:47 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Focal
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any
- Section:
- libs
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section | |
---|---|---|---|---|
Focal | updates | main | libs | |
Focal | security | main | libs |
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
nettle_3.5.1+really3.5.1.orig.tar.gz | 1.9 MiB | 75cca1998761b02e16f2db56da52992aef622bf55a3b45ec538bc2eedadc9419 |
nettle_3.5.1+really3.5.1.orig.tar.gz.asc | 573 bytes | 557116e471c7c4556148866b5cec056d6de5f26d080e5930154018be6a9d893e |
nettle_3.5.1+really3.5.1-2ubuntu0.2.debian.tar.xz | 26.6 KiB | de4768b595c6912e95812554810bfdef11e58ffb7edf88909d4e6056f22a29e5 |
nettle_3.5.1+really3.5.1-2ubuntu0.2.dsc | 2.4 KiB | 4f762c7249a256808435492922beffd469d0d4785d6aa499939d95750121b238 |
Available diffs
Binary packages built by this source
- libhogweed5: low level cryptographic library (public-key cryptos)
Nettle is a cryptographic library that is designed to fit easily in more or
less any context: In crypto toolkits for object-oriented languages (C++,
Python, Pike, ...), in applications like LSH or GNUPG, or even in kernel
space.
.
It tries to solve a problem of providing a common set of cryptographic
algorithms for higher-level applications by implementing a
context-independent set of cryptographic algorithms. In that light, Nettle
doesn't do any memory allocation or I/O, it simply provides the
cryptographic algorithms for the application to use in any environment and
in any way it needs.
.
This package contains the asymmetric cryptographic algorithms, which,
require the GNU multiple precision arithmetic library (libgmp) for
their large integer computations.
- libhogweed5-dbgsym: debug symbols for libhogweed5
- libnettle7: low level cryptographic library (symmetric and one-way cryptos)
Nettle is a cryptographic library that is designed to fit easily in more or
less any context: In crypto toolkits for object-oriented languages (C++,
Python, Pike, ...), in applications like LSH or GNUPG, or even in kernel
space.
.
It tries to solve a problem of providing a common set of cryptographic
algorithms for higher-level applications by implementing a
context-independent set of cryptographic algorithms. In that light, Nettle
doesn't do any memory allocation or I/O, it simply provides the
cryptographic algorithms for the application to use in any environment and
in any way it needs.
.
This package contains the symmetric and one-way cryptographic
algorithms. To avoid having this package depend on libgmp, the
asymmetric cryptos reside in a separate library, libhogweed.
- libnettle7-dbgsym: debug symbols for libnettle7
- nettle-bin: low level cryptographic library (binary tools)
Nettle is a cryptographic library that is designed to fit easily in more or
less any context: In crypto toolkits for object-oriented languages (C++,
Python, Pike, ...), in applications like LSH or GNUPG, or even in kernel
space.
.
It tries to solve a problem of providing a common set of cryptographic
algorithms for higher-level applications by implementing a
context-independent set of cryptographic algorithms. In that light, Nettle
doesn't do any memory allocation or I/O, it simply provides the
cryptographic algorithms for the application to use in any environment and
in any way it needs.
.
This package contains binary utilities that accompany the library:
.
- nettle-lfib-stream - generates a pseudo-random stream, using the Knuth
lfib (non-cryptographic) pseudo-random generator.
- sexp-conv - conversion tool for handling the different flavours of sexp
syntax.
- pkcs1-conv - converts PKCS#1 keys to sexp format.
- nettle-hash - command-line tool to compute message digests such as SHA-1.
- nettle-bin-dbgsym: debug symbols for nettle-bin
- nettle-dev: low level cryptographic library (development files)
Nettle is a cryptographic library that is designed to fit easily in more or
less any context: In crypto toolkits for object-oriented languages (C++,
Python, Pike, ...), in applications like LSH or GNUPG, or even in kernel
space.
.
It tries to solve a problem of providing a common set of cryptographic
algorithms for higher-level applications by implementing a
context-independent set of cryptographic algorithms. In that light, Nettle
doesn't do any memory allocation or I/O, it simply provides the
cryptographic algorithms for the application to use in any environment and
in any way it needs.
.
This package contains the development files (C headers and static libraries)