| Release | Version |
|---|---|
| stretch | 3.3-1 |
| buster | 3.4.1-1 |
| buster (security) | 3.4.1-1+deb10u1 |
| bullseye | 3.7.3-1 |
| sid | 3.7.3-1 |
| Bug | stretch | buster | bullseye | sid | Description |
|---|---|---|---|---|---|
| CVE-2021-20305 | vulnerable (no DSA, postponed) | fixed | fixed | fixed | A flaw was found in Nettle in versions before 3.7.2, where several Net ... |
| CVE-2021-3580 | vulnerable | fixed | fixed | fixed | Remote crash in RSA decryption via manipulated ciphertext |
| CVE-2018-16869 | vulnerable (no DSA) | fixed | fixed | fixed | A Bleichenbacher type side-channel based padding oracle attack was fou ... |
| Bug | Description |
|---|---|
| CVE-2016-6489 | The RSA and DSA decryption code in Nettle makes it easier for attacker ... |
| CVE-2015-8805 | The ecc_256_modq function in ecc-256.c in Nettle before 3.2 does not p ... |
| CVE-2015-8804 | x86_64/ecc-384-modp.asm in Nettle before 3.2 does not properly handle ... |
| CVE-2015-8803 | The ecc_256_modp function in ecc-256.c in Nettle before 3.2 does not p ... |
| DSA / DLA | Description |
|---|---|
| DSA-4933-1 | nettle - security update |
| DLA-593-1 | nettle - security update |