File _patchinfo of Package patchinfo.10656

Overview Repositories Revisions Requests Users Attributes Meta

File _patchinfo of Package patchinfo.10656

<patchinfo incident="10656">
  <issue id="1129598" tracker="bnc">[TRACKERBUG] FATE#327114: [ECO] Update gnutls to 3.6.6 to support TLS 1.3</issue>
  <issue tracker="fate" id="327114"/>
  <category>recommended</category>
  <rating>moderate</rating>
  <packager>jsikes</packager>
  <description>This update for libnettle to version 3.4.1 fixes the following issues:

Issues addressed and new features:

- Updated to 3.4.1 (fate#327114 and bsc#1129598)
- Fixed a missing break statements in the parsing of PEM input files in pkcs1-conv.
- Fixed a link error on the pss-mgf1-test which was affecting builds without public key support.
- All functions using RSA private keys are now side-channel silent. This applies both to the 
  bignum calculations, which now use GMP's mpn_sec_* family of functions, and the processing of 
  PKCS#1 padding needed for RSA decryption.
- Changes in behavior:
   The functions rsa_decrypt and rsa_decrypt_tr may now clobber all of the provided message 
   buffer, independent of the actual message length. They are side-channel silent, in that
   branches and memory accesses don't depend on the validity or length of the message. 
   Side-channel leakage from the caller's use of length and return value may still provide 
   an oracle useable for a Bleichenbacher-style chosen ciphertext attack. 
   Which is why the new function rsa_sec_decrypt is recommended.
</description>
  <summary>Security update for libnettle</summary>
</patchinfo>

Places

File _patchinfo of Package patchinfo.10656

Places