Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

Fedora 25 mingw-nettle Update: Critical Cache-Timing Attack Fix

fedora
Calendar Grey November 19, 2016
Dist Fedora Esm H88
Fedora 25 users should note that a crucial update for the mingw-nettle package addresses cache-timing attack vulnerabilities. Update your systems promptly to ensure security.
Nettle 3.3: GnuTLS 3.5.5: https://lists.gnupg.org/pipermail/gnutls-devel/2016-October/008194.html

Summary

Nettle is a cryptographic library that is designed to fit easily in

more or less any context: In crypto toolkits for object-oriented

languages (C++, Python, Pike, ...), in applications like LSH or GNUPG,

or even in kernel space.

Update Information:

Nettle 3.3: GnuTLS 3.5.5: https://lists.gnupg.org/pipermail/gnutls-devel/2016-October/008194.html

Topics%20covered

Topics Covered

security advisory fedora update critical cryptographic library mingw-nettle cache-timing attack

Change Log

References


[ 1 ] Bug #1362016 - CVE-2016-6489 nettle: RSA/DSA code is vulnerable to cache-timing related attacks https://bugzilla.redhat.com/show_bug.cgi?id=1362016

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade mingw-nettle' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
critical
Lowest
Low
Medium
High
Critical

Name: mingw-nettle
Product: Fedora 25
Version: 3.3
Release: 1.fc25
URL: http://www.lysator.liu.se/~nisse/nettle/
Summary: MinGW package for nettle cryptographic library

Topics%20covered

Topics Covered

security advisory fedora update critical cryptographic library mingw-nettle cache-timing attack

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here