Hi,

On 04/03/2019 16:55, Markus Koschany wrote:
> On 04.03.19 at 16:33, Sylvain Beucler wrote:
> [...]
>> I see this as a strong signal that we should not attempt to backport the
>> fix, and go with a <no-dsa> (minor).
>>
>> Alternatively we could upgrade nettle (libnettle4->libnettle6) which
>> doesn't break gnutls28's test suite, though it's likely to introduce
>> other issues (e.g. #789119).
>>
>> Thoughts?
> I also worked on nettle/gnutls26 for Wheezy. There are too many changes
> and just backporting rsa_sec_decrypt in nettle would be an incomplete
> fix for CVE-2018-16869 because they introduced more hardening against
> those side-channel attacks in other functions. An upgrade of nettle
> would require a rebuild of all reverse-dependencies and that is probably
> too intrusive.

Thanks for your input Markus.

Instead of upgrading I was thinking of providing libnettle6 /in addition to/ libnettle4, but that still sounds like more trouble than it solves.

Cheers!
Sylvain
