MiracleLinux 7 : nettle-2.7.1-8.el7 (AXSA:2016-1108:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-1108:01 advisory. Nettle is a cryptographic library that is designed to fit easily in more or less any context: In crypto toolkits for object-oriented languages C ,...

SUSE CVE-2016-6489

The RSA and DSA decryption code in Nettle makes it easier for attackers to discover private keys via a cache side channel attack...

Mageia: Security Advisory (MGASA-2016-0290)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:1481-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for nettle (EulerOS-SA-2016-1061)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: A vulnerability in nettle affects PowerKVM

Summary PowerKVM is affected by a vulnerability in nettle. IBM has now addressed this vulnerability. Vulnerability Details CVEID: CVE-2016-6489 DESCRIPTION: Nettle could allow a remote attacker to obtain sensitive information, caused by a cache-related side channel attack in the RSA and DSA...

openSUSE Security Update : libnettle (openSUSE-2017-675)

This update for libnettle fixes the following issues : - CVE-2016-6489 : - Reject invalid RSA keys with even modulo. - Check for invalid keys, with even p, in dsasign. - Use function mpzpowmsec instead of mpzpowm bsc991464. This update was imported from the SUSE:SLE-12:Update update project...

SUSE SLED12 / SLES12 Security Update : libnettle (SUSE-SU-2017:1481-1)

This update for libnettle fixes the following issues : - CVE-2016-6489 : - Reject invalid RSA keys with even modulo. - Check for invalid keys, with even p, in dsasign. - Use function mpzpowmsec instead of mpzpowm bsc991464. Note that Tenable Network Security has extracted the preceding descriptio...

SUSE-SU-2017:1481-1 Security update for libnettle

This update for libnettle fixes the following issues: - CVE-2016-6489: Reject invalid RSA keys with even modulo. Check for invalid keys, with even p, in dsasign. Use function mpzpowmsec instead of mpzpowm bsc991464...

EulerOS 2.0 SP1 : nettle (EulerOS-SA-2016-1061)

According to the versions of the nettle packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Nettle is a cryptographic library that is designed to fit easily in more or less any context: In crypto toolkits for object-oriented languagesC+...

CVE-2016-6489

The RSA and DSA decryption code in Nettle makes it easier for attackers to discover private keys via a cache side channel attack...

Ubuntu: Security Advisory (USN-3193-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Scientific Linux Security Update : nettle on SL7.x x86_64 (20161103)

Security Fixes : - Multiple flaws were found in the way nettle implemented elliptic curve scalar multiplication. These flaws could potentially introduce cryptographic weaknesses into nettle's functionality. CVE-2015-8803, CVE-2015-8804, CVE-2015-8805 - It was found that nettle's RSA and DSA...

Fedora 25 : mingw-gnutls / mingw-nettle (2016-762cb57c92)

Nettle 3.3: https://lists.gnu.org/archive/html/info-gnu/2016-10/msg00003.html GnuTLS 3.5.5: https://lists.gnupg.org/pipermail/gnutls-devel/2016-October/008194.htm l Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website...

nettle security and bug fix update

2.7.1-8 - Use a cache-silent version of mpzpowm to prevent cache-timing attacks against RSA and DSA in shared VMs. 1364897,CVE-2016-6489 2.7.1-5 - Fixed SHA-3 implementation to conform to final standard 1252936 - Fixed CVE-2015-8803 CVE-2015-8804 CVE-2015-8805 which caused issues in secp256r1 and...

RHEL 7 : nettle (RHSA-2016:2582)

An update for nettle is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

Debian DLA-593-1 : nettle security update

The cryptographic library nettle had a potential information leak problem reported. CVE-2016-6489 RSA code is vulnerable to cache sharing related attacks. For Debian 7 'Wheezy', this problems has been fixed in version 2.4-3+deb7u1. We recommend that you upgrade your nettle packages. NOTE: Tenable...

[SECURITY] [DLA 593-1] nettle security update

Package : nettle Version : 2.4-3+deb7u1 CVE ID : CVE-2016-6489 Debian Bug : 832983 The cryptographic library nettle had a potential information leak problem reported. CVE-2016-6489 RSA code is vulnerable to cache sharing related attacks. For Debian 7 "Wheezy", this problems has been fixed in...

CVE-2016-6489

The RSA and DSA decryption code in Nettle makes it easier for attackers to discover private keys via a cache side channel attack...