openSUSE-SU-2021:2143-1

Опубликовано: 11 июл. 2021

Источник: suse-cvrf

Описание

Security update for libnettle

This update for libnettle fixes the following issues:

CVE-2021-3580: Fixed a remote denial of service in the RSA decryption via manipulated ciphertext (bsc#1187060).

Список пакетов

openSUSE Leap 15.3

libhogweed4-3.4.1-4.18.1

libhogweed4-32bit-3.4.1-4.18.1

libnettle-devel-3.4.1-4.18.1

libnettle-devel-32bit-3.4.1-4.18.1

libnettle6-3.4.1-4.18.1

libnettle6-32bit-3.4.1-4.18.1

nettle-3.4.1-4.18.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/OZAR7UXBYGOSW57CMLBEWIM7KTCVMXFZ/
E-Mail link for openSUSE-SU-2021:2143-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1187060
SUSE Bug 1187060
https://www.suse.com/security/cve/CVE-2021-3580/
SUSE CVE CVE-2021-3580 page

Описание

A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service.

Затронутые продукты

openSUSE Leap 15.3:libhogweed4-3.4.1-4.18.1

openSUSE Leap 15.3:libhogweed4-32bit-3.4.1-4.18.1

openSUSE Leap 15.3:libnettle-devel-3.4.1-4.18.1

openSUSE Leap 15.3:libnettle-devel-32bit-3.4.1-4.18.1

Ссылки

https://www.suse.com/security/cve/CVE-2021-3580.html
CVE-2021-3580
https://bugzilla.suse.com/1187060
SUSE Bug 1187060
https://bugzilla.suse.com/1187892
SUSE Bug 1187892

openSUSE-SU-2021:2143-1

Описание

Список пакетов

openSUSE Leap 15.3

Ссылки

Уязвимость: CVE-2021-3580

Описание

Затронутые продукты

Ссылки