USN-3193-1: Nettle vulnerability
6 February 2017
Nettle could be made to expose sensitive information over the network.
- nettle - low level cryptographic library (public-key cryptos)
It was discovered that Nettle incorrectly mitigated certain timing
side-channel attacks. A remote attacker could possibly use this flaw to
recover private keys.
The problem can be corrected by updating your system to the following package versions:
In general, a standard system update will make all the necessary changes.