author: adam <adam@pkgsrc.org> 2021-06-07 18:57:58 +0000
committer: adam <adam@pkgsrc.org> 2021-06-07 18:57:58 +0000
commit: e67dc3b63214fa7c80696a04335824770af7ddc3
tree: efc6bae01ba291bfdd2d420ee6974333384b45f3 /security/nettle
parent: 7ab075660efeedb4b18e2249097df84d9e8ed1d7
nettle: updated to 3.7.3

NEWS for the Nettle 3.7.3 release

This is a bugfix release, fixing bugs that could make the RSA decryption functions crash on invalid inputs.

Upgrading to the new version is strongly recommended. For applications that want to support older versions of Nettle, the bug can be worked around by adding a check that the RSA ciphertext is in the range 0 < ciphertext < n, before attempting to decrypt it.

Thanks to Paul Schaub and Justus Winter for reporting these problems.

The new version is intended to be fully source and binary compatible with Nettle-3.6. The shared library names are libnettle.so.8.4 and libhogweed.so.6.4, with sonames libnettle.so.8 and libhogweed.so.6.

Bug fixes:

* Fix crash for zero input to rsa_sec_decrypt and rsa_decrypt_tr. Potential denial of service vector.

* Ensure that all of rsa_decrypt_tr and rsa_sec_decrypt return failure for out of range inputs, instead of either crashing, or silently reducing input modulo n. Potential denial of service vector.

* Ensure that rsa_decrypt returns failure for out of range inputs, instead of silently reducing input modulo n.

* Ensure that rsa_sec_decrypt returns failure if the message size is too large for the given key. Unlike the other bugs, this would typically be triggered by invalid local configuration, rather than by processing untrusted remote data.

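The range check suggested in the NEWS text above (0 < ciphertext < n), written for callers that hold the ciphertext and modulus as big-endian byte strings. This is an added example, not code from Nettle or pkgsrc; the function name rsa_ciphertext_in_range and the two-byte sample values are made up for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* Skip leading zero octets of an unsigned big-endian integer. */
static void strip_leading_zeros(const uint8_t **p, size_t *len)
{
    while (*len > 0 && (*p)[0] == 0) {
        (*p)++;
        (*len)--;
    }
}

/*
 * Return 1 if 0 < c < n, otherwise 0. Hypothetical helper: call it before
 * passing the ciphertext to the RSA decryption routine. Ciphertext and
 * modulus are both public, so an early-exit comparison is acceptable here.
 */
int rsa_ciphertext_in_range(const uint8_t *c, size_t clen,
                            const uint8_t *n, size_t nlen)
{
    size_t i;

    strip_leading_zeros(&c, &clen);
    strip_leading_zeros(&n, &nlen);

    if (clen == 0)          /* c == 0, the zero-input case from the NEWS */
        return 0;
    if (clen != nlen)       /* lengths differ once normalised */
        return clen < nlen;
    for (i = 0; i < clen; i++) {
        if (c[i] != n[i])
            return c[i] < n[i];
    }
    return 0;               /* c == n is out of range as well */
}

int main(void)
{
    /* Constructed toy values, far too small to be a real key. */
    const uint8_t n[]    = { 0xC7, 0x35 };
    const uint8_t ok[]   = { 0x00, 0xC7, 0x34 };   /* n - 1, zero-padded */
    const uint8_t zero[] = { 0x00, 0x00 };

    if (!rsa_ciphertext_in_range(ok, sizeof ok, n, sizeof n))
        return 1;
    if (rsa_ciphertext_in_range(zero, sizeof zero, n, sizeof n))
        return 1;
    return 0;
}
```
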
Diffstat (limited to 'security/nettle')
-rw-r--r-- security/nettle/Makefile 4
-rw-r--r-- security/nettle/distinfo 10
2 files changed, 7 insertions, 7 deletions
diff --git a/security/nettle/Makefile b/security/nettle/Makefile
index a0581e724ed..267319daee9 100644
--- a/security/nettle/Makefile
+++ b/security/nettle/Makefile
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.26 2021/03/21 20:03:09 adam Exp $
+# $NetBSD: Makefile,v 1.27 2021/06/07 18:57:58 adam Exp $
-DISTNAME= nettle-3.7.2
+DISTNAME= nettle-3.7.3
CATEGORIES= devel security
MASTER_SITES= http://www.lysator.liu.se/~nisse/archive/
MASTER_SITES+= ftp://ftp.lysator.liu.se/pub/security/lsh/
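Review bot: The MASTER_SITES context lines at the end of this hunk still fetch the distfile over plain http:// and ftp://, so for this security update the integrity of nettle-3.7.3.tar.gz rests entirely on the distinfo checksums. If the upstream host serves the archive over https, switch the first MASTER_SITES entry to it in the same commit.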
diff --git a/security/nettle/distinfo b/security/nettle/distinfo
index 2967cc801c3..3b6da59cfb4 100644
--- a/security/nettle/distinfo
+++ b/security/nettle/distinfo
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.21 2021/03/21 20:03:09 adam Exp $
+$NetBSD: distinfo,v 1.22 2021/06/07 18:57:58 adam Exp $
-SHA1 (nettle-3.7.2.tar.gz) = d617fbcf8d301dfd887129c3883629d4d097c579
-RMD160 (nettle-3.7.2.tar.gz) = 78dced3b71dbcb531f0b0a27c8f9c858d1cbe47b
-SHA512 (nettle-3.7.2.tar.gz) = 5f6edcc24ff620885b24394b31e55b494418c35dd63e6ece222ddabc58e793c44a82155051cc5759896ed5f014a8efd547f0aef6736a131e41651c5cab7c7211
-Size (nettle-3.7.2.tar.gz) = 2382309 bytes
+SHA1 (nettle-3.7.3.tar.gz) = 9adfadd4ae4104c8aceb38bf16064d65d7edbcce
+RMD160 (nettle-3.7.3.tar.gz) = f5314ed30570326464cbc4c7af0d0984d80aee9a
+SHA512 (nettle-3.7.3.tar.gz) = 9901eba305421adff6d551ac7f478dff3f68a339d444c776724ab0b977fe6be792b1d2950c8705acbe76bd924fd6d898a65eded546777884be3b436d0e052437
+Size (nettle-3.7.3.tar.gz) = 2383985 bytes
SHA1 (patch-Makefile.in) = ddc92dc4343df2723fbbfd1ef1afc01f1d576b09
SHA1 (patch-aa) = 2332668b077a6e3a1add603c87f60167755554ec
SHA1 (patch-config.make.in) = 708fb3cac9c44825e0d231541cbecade2239c850
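Review bot: Nothing in this hunk shows how the nettle-3.7.3.tar.gz behind the new SHA512 and Size lines was authenticated, so compare them against a copy verified with upstream's release signature, if one is published, rather than only regenerating them from the download. The three patch-* SHA1 context lines are unchanged, so also confirm those local patches still apply cleanly to 3.7.3.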