Package: unbound Version: 1.9.3-1 Tags: upstream Severity: serious _verify_nettle_ecdsa() (in validator/val_secalgo.c) uses the addresses of nettle_secp_256r1 and nettle_secp_384r1 directly. As the comment in ecc- curve.h explains, "Due to ABI subtleties, applications should not refer to these directly, but use the below accessor functions." (nettle_get_secp_256r1() and nettle_get_secp_384r1().) Indeed, dnsmasq will fail to build with nettle 3.5.1, which I'm in the process of getting uploaded to unstable (and has been uploaded to experimental).
-- Magnus Holmgren holmg...@debian.org Debian Developer
signature.asc
Description: This is a digitally signed message part.
