A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "nettle-dev": "3.4.1-0ubuntu0.18.04.1", "nettle-bin": "3.4.1-0ubuntu0.18.04.1", "libhogweed4-dbgsym": "3.4.1-0ubuntu0.18.04.1", "libnettle6": "3.4.1-0ubuntu0.18.04.1", "libhogweed4": "3.4.1-0ubuntu0.18.04.1", "libnettle6-dbgsym": "3.4.1-0ubuntu0.18.04.1", "nettle-bin-dbgsym": "3.4.1-0ubuntu0.18.04.1" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "nettle-dev": "3.5.1+really3.5.1-2ubuntu0.2", "nettle-bin": "3.5.1+really3.5.1-2ubuntu0.2", "libnettle7-dbgsym": "3.5.1+really3.5.1-2ubuntu0.2", "libhogweed5": "3.5.1+really3.5.1-2ubuntu0.2", "libnettle7": "3.5.1+really3.5.1-2ubuntu0.2", "nettle-bin-dbgsym": "3.5.1+really3.5.1-2ubuntu0.2", "libhogweed5-dbgsym": "3.5.1+really3.5.1-2ubuntu0.2" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "libnettle8-dbgsym": "3.7.3-1", "nettle-dev": "3.7.3-1", "libhogweed6": "3.7.3-1", "nettle-bin": "3.7.3-1", "libhogweed6-dbgsym": "3.7.3-1", "libnettle8": "3.7.3-1", "nettle-bin-dbgsym": "3.7.3-1" } ] }