USN-4906-1: Nettle vulnerability
13 April 2021
Nettle could be made to crash or bypass signature verification if it opened a specially crafted certificate.
- nettle - low level cryptographic library
It was discovered that Nettle incorrectly handled signature verification.
A remote attacker could use this issue to cause Nettle to crash, resulting
in a denial of service, or possibly force invalid signatures.
The problem can be corrected by updating your system to the following package versions:
In general, a standard system update will make all the necessary changes.