nettle security and bug fix update

2016-11-09T00:00:00
ID ELSA-2016-2582
Type oraclelinux
Reporter Oracle
Modified 2016-11-09T00:00:00

Description

[2.7.1-8] - Use a cache-silent version of mpz_powm to prevent cache-timing attacks against RSA and DSA in shared VMs. (#1364897,CVE-2016-6489) [2.7.1-5] - Fixed SHA-3 implementation to conform to final standard (#1252936) - Fixed CVE-2015-8803 CVE-2015-8804 CVE-2015-8805 which caused issues in secp256r1 and secp384r1 calculations (#1314374)