Security update of nettle

Andreas Metzler ametzler at bebt.de
Sun Aug 7 06:04:20 UTC 2016 

On 2016-08-07 Ola Lundqvist <ola at inguza.com> wrote:
> On Sat, Aug 6, 2016 at 8:40 PM, Niels Möller <nisse at lysator.liu.se> wrote:
>> Ola Lundqvist <ola at inguza.com> writes:
>>> Magnus, Niels and I have been discussing the nettle update due to
>>> https://security-tracker.debian.org/tracker/CVE-2016-6489

>> Please note that some coordinatoino with gnutls may be needed, to avoid
>> a denial-of-service problem involving invalid private keys.

>>> I suggest something like this: "Protect against potential timing
>>> attacks against exponentiation operations as described in
>>> CVE-2016-6489 RSA code is vulnerable to cache sharing related
>>> attacks."

>> I'd suggest the more general "side-channel attacks" over "timing
>> attacks".

> I do not think coordination with gnutls is needed. I can not see that
> gnutls depend on nettle in wheezy.
> I can see that it can potentially do that, but I do not think it do.

> There are no dependencies declared on nettle library and from unstable
> changelog it looks like this build dependency was first added in gnutls28.
> Wheezy has gnutls28.

> I may be wrong however.

> Or can it be so that nettle is built in statically and that a build
> dependency is not needed as some other package has a build dependency so we
> get it indirectly?

> I'm including the gnutls maintainers to get their opinion.


Hello Ola,

I think I am missing a little bit context, according to the security
tracker the issue applies to practically all versions of, from oldstable
up to and including unstable but the discussion seems to focus on LTS.

You are right regarding wheezy/oldstable. It shipped gnutls 2.12.x built
against libgcrypt instead of nettle, there should not be a problem with
a nettle update. 3.3.8 (using nettle) is in wheezy-backports, but that
is not covered by LTS afaiu.

I am wondering about stable/testing/sid though.
https://security-tracker.debian.org/tracker/CVE-2016-6489 points to
"Original patch had some unintended side effects:", e.g. breaking
GnuTLS. There is a lot of discussion following, however I failed to get
whether the followup patches commited to nettle git did away with the
"unintended side effects" or whether we still need to coordinate for
stable/testing/sid?

cu Andreaas
-- 
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'

More information about the Pkg-gnutls-maint mailing list