Hi, On Sat, Jul 30, 2016 at 04:34:12PM +0200, Salvatore Bonaccorso wrote: > Furthermore there seem to be possible problems with the approach. > Hanno Boeck mentions on > http://www.openwall.com/lists/oss-security/2016/07/30/2 that the patch > has some unintended side effects. Cf. > https://lists.lysator.liu.se/pipermail/nettle-bugs/2016/003104.html
According to https://bugzilla.redhat.com/show_bug.cgi?id=1362016#c6 , there is https://git.lysator.liu.se/nettle/nettle/commit/52b9223126b3f997c00d399166c006ae28669068 additionally needed to add some snaity checks at the functions using mpz_powm_sec() Regards, Salvatore