Page MenuHomeFreeBSD

security/nettle: Update to 3.7.2
AbandonedPublic

Authored by crees on Mar 29 2021, 9:55 AM.

Details

Reviewers
sunpoet
Summary

This is a bugfix release, fixing a bug in ECDSA signature
verification that could lead to a denial of service attack
(via an assertion failure) or possibly incorrect results. It
also fixes a few related problems where scalars are required
to be canonically reduced modulo the ECC group order, but in
fact may be slightly larger.

Upgrading to the new version is strongly recommended.

The new version is intended to be fully source and binary
compatible with Nettle-3.6. The shared library names are
libnettle.so.8.3 and libhogweed.so.6.3, with sonames
libnettle.so.8 and libhogweed.so.6.

Diff Detail

Repository
rP FreeBSD ports repository
Lint
No Linters Available
Unit
No Unit Test Coverage
Build Status
Buildable 38151
Build 35040: arc lint + arc unit