-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 11 Jun 2021 19:53:20 +0200 Source: nettle Binary: libhogweed4 libhogweed4-dbgsym libnettle6 libnettle6-dbgsym nettle-bin nettle-bin-dbgsym nettle-dev Architecture: i386 Version: 3.4.1-1+deb10u1 Distribution: buster-security Urgency: high Maintainer: amd64 / i386 Build Daemon (x86-ubc-02) Changed-By: Magnus Holmgren Description: libhogweed4 - low level cryptographic library (public-key cryptos) libnettle6 - low level cryptographic library (symmetric and one-way cryptos) nettle-bin - low level cryptographic library (binary tools) nettle-dev - low level cryptographic library (development files) Closes: 985652 989631 Changes: nettle (3.4.1-1+deb10u1) buster-security; urgency=high . * Fix for CVE-2021-3580 - potential crash on invalid input to the RSA decryption functions (Closes: #989631). * Fix for CVE-2021-20305 - bug in ECDSA signature verification that could lead to a denial of service attack (via an assertion failure) or possibly incorrect results, backported from 3.7.2 by Marc Deslauriers (Closes: #985652). Checksums-Sha1: 24c6070fa33a8b5acaf73d0bc53a64accae94567 162796 libhogweed4-dbgsym_3.4.1-1+deb10u1_i386.deb 17eb98df6bffd8a76241059797e810b829ac8061 142780 libhogweed4_3.4.1-1+deb10u1_i386.deb 14fc3d12d159633f2232a874157f4346ad524a62 212920 libnettle6-dbgsym_3.4.1-1+deb10u1_i386.deb cb8effbb7092f4ae06dfdfc36015c3c6de3733f1 233196 libnettle6_3.4.1-1+deb10u1_i386.deb 3ce2048d35cb55d6df9f46cd0235be977e2d7786 164096 nettle-bin-dbgsym_3.4.1-1+deb10u1_i386.deb fd3d3a6bcf3031f3945a34bd2c1dfca068705eaf 26272 nettle-bin_3.4.1-1+deb10u1_i386.deb 6bb8dc4973e756215ebab4d1c02e174ee4ec4cdf 1100740 nettle-dev_3.4.1-1+deb10u1_i386.deb 7e2f0b777fe8ea9ee34b18a46c050dfe61c762b5 7247 nettle_3.4.1-1+deb10u1_i386-buildd.buildinfo Checksums-Sha256: 83db7466df94798a1c73ab55f0c166d926ea5d9e73861ef4a39a4cb4ad335b32 162796 libhogweed4-dbgsym_3.4.1-1+deb10u1_i386.deb 19ade368570349be96b74c8019422ecd93d5946c8932923ae246dde84cf80776 142780 libhogweed4_3.4.1-1+deb10u1_i386.deb c7548b297f1dc148533248862675e8db9c85abda14948c6d9023736c2ce0450f 212920 libnettle6-dbgsym_3.4.1-1+deb10u1_i386.deb 80d6b41b4f3ec477cd3a6d98a46064d4e6566bf0bcf20fddc35aeb9461caf552 233196 libnettle6_3.4.1-1+deb10u1_i386.deb 196a3bb8d44f9ba174a462b42fb32ba399fa3064cbaef732f83165508731bf5d 164096 nettle-bin-dbgsym_3.4.1-1+deb10u1_i386.deb 5d5a33d04ac5a2ba0a631bae79de3a6e826fce96004fb3058f605d44a76e0342 26272 nettle-bin_3.4.1-1+deb10u1_i386.deb cfd81b2c19ea80ee242920370cfc166230fbda728e258d43519601aab6595d63 1100740 nettle-dev_3.4.1-1+deb10u1_i386.deb 5bc95d5140e6212280f1a24e34a74815d1e4ea6ad19bee1fa8a555de9dac783a 7247 nettle_3.4.1-1+deb10u1_i386-buildd.buildinfo Files: 998b3dda1bf8bb4d50529a9e20d22ebb 162796 debug optional libhogweed4-dbgsym_3.4.1-1+deb10u1_i386.deb 10b215afef77fb7b0d41f036de3675d1 142780 libs optional libhogweed4_3.4.1-1+deb10u1_i386.deb 70b953b8111b6f792aa8f829e19cfb42 212920 debug optional libnettle6-dbgsym_3.4.1-1+deb10u1_i386.deb 6ee1fb66fe362939184266dcc0cd6760 233196 libs optional libnettle6_3.4.1-1+deb10u1_i386.deb 9e392b1d262f5e0ed2978ecbb7010b27 164096 debug optional nettle-bin-dbgsym_3.4.1-1+deb10u1_i386.deb b5568a9066468f54e8b6e9fb3e4d944a 26272 misc optional nettle-bin_3.4.1-1+deb10u1_i386.deb 2b419dda8855643da55eb8514dd11455 1100740 libdevel optional nettle-dev_3.4.1-1+deb10u1_i386.deb c10e83e9c3dcdd37095954cf70f7c8b3 7247 libs optional nettle_3.4.1-1+deb10u1_i386-buildd.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEN7duNU9NP062TWmbN0rYXSImzT0FAmDJHMsACgkQN0rYXSIm zT0rHw//dUxmyhUMDJEoanFXqHGWiM2dcxNgbrK2hgUYjP2CuYn5prRLZz/nsWdw OaU+O6vsktYIp0TAobQ91+a35zFh1XMzzEAg44ouKj+qWZWmD1tvO5XUOv93h3xc RrPTM020uu4jLLnsOiP8YoD5n1KbAZGKHofqStBEisRwbVq0gd4Yjt6lMrfqkKW3 qfG8+IokWIFMQIqKImwm4mkEEB4Dykk2nOzQPLK+1iqsP8AIAwaeqoeGL0g4CH95 gsaolg73vgakww1wQwA5C2lEmHWkAwZxCbBkvDlPvZjjOHWljsAExmW4lBUK0Gph TLbluwZBsBlRGN4TdblND9f02YfCaLqqjU68YI9PaFUcqMqrWFSflZm30aVZ5RJ4 pcvGCz6ncsLl0M74yWQKMRYVQLO0Pk3hiX4uDO5rfAIJHXCoR8SeHp/n+0SbcjbW FLjYAAJhlY0exQWlFcszE+RMsP88H565fB5TYvfnMzZAjkngc18cSgq86pk1jkAK QHmsbYTHDH3g9kiS91sruBDjDrCOTB63tLJfoCG03VG/rbbYGP9wWbQ3/LJhYAWY Y/O2k176cSu3Vzj7STwNa0S/slqeMGQC0hVq/JkAyFj8LAZjIugHmdkQlpcjZIzY i1B/aiR4zdXTMvEQrWu9DewPIUIjaKRyG19fIEALCKkoLSai5oA= =symD -----END PGP SIGNATURE-----