ELSA-2016-2582

ELSA-2016-2582 - nettle security and bug fix update

Type:SECURITY
Severity:MODERATE
Release Date:2016-11-09

Description


[2.7.1-8]
- Use a cache-silent version of mpz_powm to prevent cache-timing
attacks against RSA and DSA in shared VMs. (#1364897,CVE-2016-6489)

[2.7.1-5]
- Fixed SHA-3 implementation to conform to final standard (#1252936)
- Fixed CVE-2015-8803 CVE-2015-8804 CVE-2015-8805 which caused issues
in secp256r1 and secp384r1 calculations (#1314374)


Related CVEs


CVE-2015-8803
CVE-2015-8804
CVE-2015-8805
CVE-2016-6489

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 7 (aarch64) nettle-2.7.1-8.el7.src.rpm51b9afa9ec4647df94a2d1e6410cdb8fELSA-2021-1145
nettle-2.7.1-8.el7.aarch64.rpm04149120f1ab1242356c05df029f1bf4ELSA-2021-1145
nettle-devel-2.7.1-8.el7.aarch64.rpm795f15df325e82c15cb944012db44b3dELSA-2021-1145
Oracle Linux 7 (x86_64) nettle-2.7.1-8.el7.src.rpm51b9afa9ec4647df94a2d1e6410cdb8fELSA-2021-1145
nettle-2.7.1-8.el7.i686.rpm2fc645face868e4c2ce7cf34dd6e1434ELSA-2021-1145
nettle-2.7.1-8.el7.x86_64.rpm408715d2ebb453823478480577d19b61ELSA-2021-1145
nettle-devel-2.7.1-8.el7.i686.rpmae12992c13fed37e397068318335410aELSA-2021-1145
nettle-devel-2.7.1-8.el7.x86_64.rpm4c4c8955d5e84b6eb376e47afb16fdf6ELSA-2021-1145



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete