24 matches found
MiracleLinux 7 : nettle-2.7.1-8.el7 (AXSA:2016-1108:01)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-1108:01 advisory. Nettle is a cryptographic library that is designed to fit easily in more or less any context: In crypto toolkits for object-oriented languages C ,...
SUSE: Security Advisory (SUSE-SU-2016:0455-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for nettle (EulerOS-SA-2016-1061)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Scientific Linux Security Update : nettle on SL7.x x86_64 (20161103)
Security Fixes : - Multiple flaws were found in the way nettle implemented elliptic curve scalar multiplication. These flaws could potentially introduce cryptographic weaknesses into nettle's functionality. CVE-2015-8803, CVE-2015-8804, CVE-2015-8805 - It was found that nettle's RSA and DSA...
RHEL 7 : nettle (RHSA-2016:2582)
An update for nettle is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
Fedora 23 : compat-nettle27 (2016-d94300845b)
Fixes CVE-2015-8803 CVE-2015-8804 CVE-2015-8805 secp256r1 and secp384r1 bugs Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...
Fedora 22 : nettle-2.7.1-6.fc22 (2016-8ee88aee21)
Fixes CVE-2015-8803 CVE-2015-8804 CVE-2015-8805 secp256r1 and secp384r1 bugs Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...
CVE-2015-8805
The ecc256modq function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-256 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors, a different vulnerability than...
DEBIAN-CVE-2015-8805
The ecc256modq function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-256 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors, a different vulnerability than...
CVE-2015-8805
Summary. The CVE-2015-8805 issue affects the nettle cryptographic library prior to version 3.2. The vulnerability is in the elliptic-curve implementation for P-256: the ecc_256_modq function in ecc-256.c does not properly handle carry propagation, producing incorrect output. This is documented al...
CVE-2015-8803
The ecc256modp function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-256 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors, a different vulnerability than...
CVE-2015-8805
The ecc256modq function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-256 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors, a different vulnerability than...
openSUSE Security Update : libnettle (openSUSE-2016-217)
This update for libnettle fixes the following issues : - CVE-2015-8803: secp256 calculation bug boo964845 - CVE-2015-8804: Miscalculations on secp384 curve boo964847 - CVE-2015-8805: Fixed miscomputation bugs in secp-256r1 modulo functions. boo964849 %NASLMINLEVEL 70300 C Tenable Network Security...
openSUSE Security Update : libnettle (openSUSE-2016-211)
This update for libnettle fixes the following issues : - CVE-2015-8803: secp256 calculation bug boo964845 - CVE-2015-8804: Miscalculations on secp384 curve boo964847 - CVE-2015-8805: Fixed miscomputation bugs in secp-256r1 modulo functions. boo964849 %NASLMINLEVEL 70300 C Tenable Network Security...
SUSE SLED12 / SLES12 Security Update : libnettle (SUSE-SU-2016:0455-1)
This update for libnettle fixes the following security issues : - CVE-2015-8803: Fixed miscomputation bugs in secp-256r1 modulo functions. bsc964845 - CVE-2015-8804: Fixed carry folding bug in x8664 ecc384modp. bsc964847 - CVE-2015-8805: Fixed miscomputation bugs in secp-256r1 modulo functions...
openSUSE Security Update : libnettle (openSUSE-2016-212)
This update for libnettle fixes the following security issues : - CVE-2015-8803: Fixed miscomputation bugs in secp-256r1 modulo functions. bsc964845 - CVE-2015-8804: Fixed carry folding bug in x8664 ecc384modp. bsc964847 - CVE-2015-8805: Fixed miscomputation bugs in secp-256r1 modulo functions...
Ubuntu: Security Advisory (USN-2897-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 14.04 LTS : Nettle vulnerabilities (USN-2897-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2897-1 advisory. Hanno Bck discovered that Nettle incorrectly handled carry propagation in the NIST P-256 elliptic curve. CVE-2015-8803 Hanno Bck discovered that Nettle...
SUSE-SU-2016:0455-1 Security update for libnettle
This update for libnettle fixes the following security issues: - CVE-2015-8803: Fixed miscomputation bugs in secp-256r1 modulo functions. bsc964845 - CVE-2015-8804: Fixed carry folding bug in x8664 ecc384modp. bsc964847 - CVE-2015-8805: Fixed miscomputation bugs in secp-256r1 modulo functions...
Mageia: Security Advisory (MGASA-2016-0061)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...