[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

ANNOUNCE: Nettle-3.9.1

From: Niels Möller
Subject: ANNOUNCE: Nettle-3.9.1
Date: Thu, 01 Jun 2023 21:13:46 +0200
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/28.2 (berkeley-unix)

I've prepared a bugfix release for GNU Nettle, a low-level
cryptographics library. The most severe of the fixed bugs was a memory
corruption bug in the new OCB implementation. Se below for complete list
of bug fixes.

The Nettle home page can be found at, and the manual at

The release can be downloaded from

Happy hacking,
/Niels Möller

NEWS for the Nettle 3.9.1 release

        This is a bugfix release, fixing a few bugs reported for
        Nettle-3.9. The bug in the new OCB code may be exploitable for
        denial of service or worse, since triggering it leads to
        memory corruption. Upgrading from Nettle-3.9 to the new
        version is strongly recommended.

        The new version is intended to be fully source and binary
        compatible with Nettle-3.6. The shared library names are and, with sonames and

        Bug fixes:

        * Fix OCB loop for processing messages of size 272 bytes or
          larger. Reported and fixed by Jussi Kivilinna.

        * Fix alignment bug in the new x86_64 non-pclmul assembly
          implementation of ghash. Reported by Henrik Grubbström.

        * Fix build-time memory leak in eccdata. Reported by Noah

Niels Möller. PGP key CB4962D070D77D7FCB8BA36271D8F1FF368C6677.
Internet email is subject to wholesale government surveillance.

Attachment: signature.asc
Description: PGP signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]