Re: gnutls/nettle (CVE-2018-16868/CVE-2018-16869)
On 04/03/2019 16:55, Markus Koschany wrote:
> On 04.03.19 at 16:33, Sylvain Beucler wrote:
>> I see this as a strong signal that we should not attempt to backport the
>> fix, and go with a <no-dsa> (minor).
>> Alternatively we could upgrade nettle (libnettle4->libnettle6) which
>> doesn't break gnutls28's test suite, though it's likely to introduce
>> other issues (e.g. #789119).
> I also worked on nettle/gnutls26 for Wheezy. There are too many changes
> and just backporting rsa_sec_decrypt in nettle would be an incomplete
> fix for CVE-2018-16869 because they introduced more hardening against
> those side-channel attacks in other functions. An upgrade of nettle
> would require a rebuild of all reverse-dependencies and that is probably
> too intrusive.
Thanks for your input Markus.
Instead of upgrading I was thinking of providing libnettle6 /in addition
to/ libnettle4, but that still sounds like more trouble than it solves.