It was discovered that Nettle incorrectly handled signature verification. A remote attacker could use this issue to cause Nettle to crash, resulting in a denial of service, or possibly force invalid signatures.
{ "availability": "No subscription required", "binaries": [ { "nettle-dev": "3.2-1ubuntu0.16.04.2", "nettle-dbg": "3.2-1ubuntu0.16.04.2", "libhogweed4-dbgsym": "3.2-1ubuntu0.16.04.2", "nettle-dev-dbgsym": "3.2-1ubuntu0.16.04.2", "libnettle6": "3.2-1ubuntu0.16.04.2", "nettle-bin": "3.2-1ubuntu0.16.04.2", "libhogweed4": "3.2-1ubuntu0.16.04.2", "libnettle6-dbgsym": "3.2-1ubuntu0.16.04.2", "nettle-bin-dbgsym": "3.2-1ubuntu0.16.04.2" } ] }
{ "availability": "No subscription required", "binaries": [ { "nettle-dev": "3.4-1ubuntu0.1", "nettle-bin": "3.4-1ubuntu0.1", "libhogweed4-dbgsym": "3.4-1ubuntu0.1", "libnettle6": "3.4-1ubuntu0.1", "libhogweed4": "3.4-1ubuntu0.1", "libnettle6-dbgsym": "3.4-1ubuntu0.1", "nettle-bin-dbgsym": "3.4-1ubuntu0.1" } ] }
{ "availability": "No subscription required", "binaries": [ { "nettle-dev": "3.5.1+really3.5.1-2ubuntu0.1", "nettle-bin": "3.5.1+really3.5.1-2ubuntu0.1", "libnettle7-dbgsym": "3.5.1+really3.5.1-2ubuntu0.1", "libhogweed5": "3.5.1+really3.5.1-2ubuntu0.1", "libnettle7": "3.5.1+really3.5.1-2ubuntu0.1", "nettle-bin-dbgsym": "3.5.1+really3.5.1-2ubuntu0.1", "libhogweed5-dbgsym": "3.5.1+really3.5.1-2ubuntu0.1" } ] }