drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Preisgabe von Informationen in Nettle
Name: |
Preisgabe von Informationen in Nettle |
|
ID: |
USN-3193-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 12.04 LTS, Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 16.10 |
|
Datum: |
Mo, 6. Februar 2017, 23:17 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6489 |
|
Applikationen: |
Nettle |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============1218144979895775769== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="iwiO8PoHuXDbkDvolNPs4jVSsJdw5R86s"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --iwiO8PoHuXDbkDvolNPs4jVSsJdw5R86s Content-Type: multipart/mixed; boundary="phk5I7MCknn8mvh53cbpRTWsUCsmDXpQR" From: Marc Deslauriers <marc.deslauriers@canonical.com> Reply-To: Ubuntu Security <security@ubuntu.com> To: ubuntu-security-announce@lists.ubuntu.com Message-ID: <5c6d6442-ba0c-2c8d-c53c-2d9ff7658100@canonical.com> Subject: [USN-3193-1] Nettle vulnerability
--phk5I7MCknn8mvh53cbpRTWsUCsmDXpQR Content-Type: text/plain; charset=utf- Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-3193-1 February 06, 2017
nettle vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.10 - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS - Ubuntu 12.04 LTS
Summary:
Nettle could be made to expose sensitive information over the network.
Software Description: - nettle: low level cryptographic library (public-key cryptos)
Details:
It was discovered that Nettle incorrectly mitigated certain timing side-channel attacks. A remote attacker could possibly use this flaw to recover private keys.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.10: libnettle6 3.2-1ubuntu0.16.10.1
Ubuntu 16.04 LTS: libnettle6 3.2-1ubuntu0.16.04.1
Ubuntu 14.04 LTS: libnettle4 2.7.1-1ubuntu0.2
Ubuntu 12.04 LTS: libnettle4 2.4-1ubuntu0.1
In general, a standard system update will make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-3193-1 CVE-2016-6489
Package Information: https://launchpad.net/ubuntu/+source/nettle/3.2-1ubuntu0.16.10.1 https://launchpad.net/ubuntu/+source/nettle/3.2-1ubuntu0.16.04.1 https://launchpad.net/ubuntu/+source/nettle/2.7.1-1ubuntu0.2 https://launchpad.net/ubuntu/+source/nettle/2.4-1ubuntu0.1
--phk5I7MCknn8mvh53cbpRTWsUCsmDXpQR--
--iwiO8PoHuXDbkDvolNPs4jVSsJdw5R86s Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2
iQIcBAEBCgAGBQJYmM9gAAoJEGVp2FWnRL6TwX8P/17MBMa8CD4cWrng8Vunwtt9 vYSl9dgA86hbym64WoiudfeS1QDkn53nFFusrtb3yi6qXKmaO8KTsW/YoIPuIRfB q+GOMHuABfpp7LCC1mztNofQQVVV0gf6yM9vxQ9w9f9QcHoZSU8n49yYema2p8+1 vXxBn2arAz4Fy7rLY44klYhtXooYY9xnhTlzmLHP2o7D2FhfS2NhPH8n7clyuM88 S4Xip+FgC69PWcoiix6DwncAY54s+1ovUv4ruNMMBuKPzzJtftdirPtDuM2gPClI tgk/ws5wDSQyHoodYW2rQH9kK5JD/bKZlJJUG+ACnO26V5PUClkSNj/6cH2JGicK 3pjkxL8Lu/GCgeyS5Wolmq8JIkccMeYvZJBsIBfckKDwpfFsPsnGZ4zavNOQ0YHU PhYXVVIte/YEpesRQGavSiC4rVuVNC6GpI3Z/Dvr9kuM84ubdvo5FJPNGCwIQ1CE LhmCt7PEf/ljAaxf9x41G/wAYf/Pl1sRVCFpQGb+9BjieAkVqqw65m3WjQz3YWlx tUJZaTerlyabiLMwMJtmyzO3pTN1WDjn+ZylbGOuumURzML4T26esXK7EaP+IS9Q sySC+yNJXwmBP0hq3lKzVju2xlL6WkULSqE7NEd3hZ+PUSNdbL0BsQQnmUrDHDzV jBXdUJ25PsEqHB/Xie5N =8Lz6 -----END PGP SIGNATURE-----
--iwiO8PoHuXDbkDvolNPs4jVSsJdw5R86s--
--===============1218144979895775769== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============1218144979895775769==--
|
|
|
|