Package: nettle / 3.4.1-1+deb10u1
Metadata
Package | Version | Patches format |
---|---|---|
nettle | 3.4.1-1+deb10u1 | 3.0 (quilt) |
Patch series
view the series filePatch | File delta | Description |
---|---|---|
fPIC.patch | (download) |
aclocal.m4 |
2 1 + 1 - 0 ! |
--- |
multiarch_dev.patch | (download) |
aclocal.m4 |
4 0 + 4 - 0 ! |
--- |
CVE 2021 20305 1.patch | (download) |
curve25519-eh-to-x.c |
6 1 + 5 - 0 ! |
[patch] new functions ecc_mod_mul_canonical and ecc_mod_sqr_canonical. * ecc-mod-arith.c (ecc_mod_mul_canonical, ecc_mod_sqr_canonical): New functions. * ecc-internal.h: Declare and document new functions. * curve448-eh-to-x.c (curve448_eh_to_x): Use ecc_mod_sqr_canonical. * curve25519-eh-to-x.c (curve25519_eh_to_x): Use ecc_mod_mul_canonical. * ecc-eh-to-a.c (ecc_eh_to_a): Likewise. * ecc-j-to-a.c (ecc_j_to_a): Likewise. * ecc-mul-m.c (ecc_mul_m): Likewise. (cherry picked from commit 2bf497ba4d6acc6f352bca015837fad33008565c) |
CVE 2021 20305 2.patch | (download) |
eddsa-verify.c |
9 2 + 7 - 0 ! |
[patch] use ecc_mod_mul_canonical for point comparison. * eddsa-verify.c (equal_h): Use ecc_mod_mul_canonical. (cherry picked from commit 5b7608fde3a6d2ab82bffb35db1e4e330927c906) |
CVE 2021 20305 3.patch | (download) |
ecc-ecdsa-verify.c |
4 2 + 2 - 0 ! |
[patch] fix bug in ecc_ecdsa_verify. * ecc-ecdsa-verify.c (ecc_ecdsa_verify): Use ecc_mod_mul_canonical to compute the scalars used for ecc multiplication. * testsuite/ecdsa-verify-test.c (test_main): Add test case that triggers an assert on 64-bit platforms, without above fix. * testsuite/ecdsa-sign-test.c (test_main): Test case generating the same signature. (cherry picked from commit 2397757b3f95fcae1e2d3011bf99ca5b5438378f) |
CVE 2021 20305 4.patch | (download) |
ecc-ecdsa-sign.c |
3 1 + 2 - 0 ! |
[patch] ensure ecdsa_sign output is canonically reduced. * ecc-ecdsa-sign.c (ecc_ecdsa_sign): Ensure s output is reduced to canonical range. (cherry picked from commit c24b36160dc5303f7541dd9da1429c4046f27398) |
CVE 2021 20305 6.patch | (download) |
eddsa-hash.c |
5 5 + 0 - 0 ! |
[patch] similar fix for eddsa. * eddsa-hash.c (_eddsa_hash): Ensure result is canonically reduced. Two of the three call sites need that. (cherry picked from commit d9b564e4b3b3a5691afb9328c7342b3f7ca64288) |
cve 2021 3580.patch | (download) |
pkcs1-sec-decrypt.c |
4 3 + 1 - 0 ! |
fix for cve-2021-3580 - potential crash on invalid input to the rsa decryption functions. |