[Buildroot] [PATCH] package/nettle: bump to version 3.7.3
Peter Korsgaard
peter at korsgaard.com
Fri Jul 30 13:59:03 UTC 2021
>>>>> "Francois" == Francois Perrad <fperrad at gmail.com> writes:
> Signed-off-by: Francois Perrad <francois.perrad at gadz.org>
It would have been good to mention that this is an important bugfix and
should be backported, E.G. from the announcement:
This is bugfix release, fixing bugs that could make the RSA
decryption functions crash on invalid inputs.
Upgrading to the new version is strongly recommended. For
applications that want to support older versions of Nettle,
the bug can be worked around by adding a check that the RSA
ciphertext is in the range 0 < ciphertext < n, before
attempting to decrypt it.
Thanks to Paul Schaub and Justus Winter for reporting these
problems.
The new version is intended to be fully source and binary
compatible with Nettle-3.6. The shared library names are
libnettle.so.8.4 and libhogweed.so.6.4, with sonames
libnettle.so.8 and libhogweed.so.6.
https://lists.gnu.org/archive/html/info-gnu/2021-06/msg00002.html
Committed to 2021.02.x and 2021.05.x with the commit message extended,
thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list