Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Security Measurement
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Insights
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2021:2280 - Security Advisory
Issued:
2021-06-07
Updated:
2021-06-07

RHSA-2021:2280 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: nettle security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for nettle is now available for Red Hat Enterprise Linux 7.7 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Nettle is a cryptographic library that is designed to fit easily in almost any context: In crypto toolkits for object-oriented languages, such as C++, Python, or Pike, in applications like LSH or GNUPG, or even in kernel space.

Security Fix(es):

  • nettle: Out of bounds memory access in signature verification (CVE-2021-20305)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.7 x86_64
  • Red Hat Enterprise Linux Server - AUS 7.7 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.7 s390x
  • Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.7 ppc64
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.7 ppc64le
  • Red Hat Enterprise Linux Server - TUS 7.7 x86_64
  • Red Hat Enterprise Linux EUS Compute Node 7.7 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 7.7 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 7.7 x86_64

Fixes

  • BZ - 1942533 - CVE-2021-20305 nettle: Out of bounds memory access in signature verification

CVEs

  • CVE-2021-20305

References

  • https://access.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.7

SRPM
nettle-2.7.1-9.el7_7.src.rpm SHA-256: d2f4149b6cc3f73e9c8a8edb343c872b2d537df97427eead5cdf34b3f6e2d2b3
x86_64
nettle-2.7.1-9.el7_7.i686.rpm SHA-256: 2976ff44f0e8e5297259c339b411577fd94ae735d03aaaa0562a0d07b2572546
nettle-2.7.1-9.el7_7.x86_64.rpm SHA-256: 1ede8e8352dfedd9273c94a1f22e398d9322e207cdbb79b114296d1939a695bc
nettle-debuginfo-2.7.1-9.el7_7.i686.rpm SHA-256: 58c25adfd483cb62e82f7e43bc56b1625102360d0b7fce7b7a0eab0ffaca8b68
nettle-debuginfo-2.7.1-9.el7_7.x86_64.rpm SHA-256: 0a29922e5c494f9b536acae6a6e6ca7fbed1d6888cea3de59b23a581433e4872
nettle-devel-2.7.1-9.el7_7.i686.rpm SHA-256: 6afc7ef07c9aa6f50ccc583b5fd02ed452ac92f7da84cb399dd1b3788b4dc9f7
nettle-devel-2.7.1-9.el7_7.x86_64.rpm SHA-256: d35cf028b98c5cbfddfd6a9db8ba3a58bb58248df620cd864b31b79e2100757a

Red Hat Enterprise Linux Server - AUS 7.7

SRPM
nettle-2.7.1-9.el7_7.src.rpm SHA-256: d2f4149b6cc3f73e9c8a8edb343c872b2d537df97427eead5cdf34b3f6e2d2b3
x86_64
nettle-2.7.1-9.el7_7.i686.rpm SHA-256: 2976ff44f0e8e5297259c339b411577fd94ae735d03aaaa0562a0d07b2572546
nettle-2.7.1-9.el7_7.x86_64.rpm SHA-256: 1ede8e8352dfedd9273c94a1f22e398d9322e207cdbb79b114296d1939a695bc
nettle-debuginfo-2.7.1-9.el7_7.i686.rpm SHA-256: 58c25adfd483cb62e82f7e43bc56b1625102360d0b7fce7b7a0eab0ffaca8b68
nettle-debuginfo-2.7.1-9.el7_7.x86_64.rpm SHA-256: 0a29922e5c494f9b536acae6a6e6ca7fbed1d6888cea3de59b23a581433e4872
nettle-devel-2.7.1-9.el7_7.i686.rpm SHA-256: 6afc7ef07c9aa6f50ccc583b5fd02ed452ac92f7da84cb399dd1b3788b4dc9f7
nettle-devel-2.7.1-9.el7_7.x86_64.rpm SHA-256: d35cf028b98c5cbfddfd6a9db8ba3a58bb58248df620cd864b31b79e2100757a

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.7

SRPM
nettle-2.7.1-9.el7_7.src.rpm SHA-256: d2f4149b6cc3f73e9c8a8edb343c872b2d537df97427eead5cdf34b3f6e2d2b3
s390x
nettle-2.7.1-9.el7_7.s390.rpm SHA-256: 25c118a28cbf37ffd058e38c0eff79e2cfde77388716951903bda6980e192d1d
nettle-2.7.1-9.el7_7.s390x.rpm SHA-256: 1d9720c791b84ea5202dd0c29e0fe77c05c7b72447c9fca6900fdbeabd727efd
nettle-debuginfo-2.7.1-9.el7_7.s390.rpm SHA-256: c8af953782ba31682977875e6e1430cc90ed43eb2d88b3c4c8d52e8065b0c6eb
nettle-debuginfo-2.7.1-9.el7_7.s390x.rpm SHA-256: 033a4dadf063bd9073b3425ce1754fee1242c3830c7eae900f4a5338bc89f722
nettle-devel-2.7.1-9.el7_7.s390.rpm SHA-256: 2d205a28c570936498a27619f84735b9cf35b0fbffb4275cf273416b2c95717c
nettle-devel-2.7.1-9.el7_7.s390x.rpm SHA-256: feeb9f9c7992fbb4f747db15f7ef93024fe21c75421d25e0efcfce50a00dc47a

Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.7

SRPM
nettle-2.7.1-9.el7_7.src.rpm SHA-256: d2f4149b6cc3f73e9c8a8edb343c872b2d537df97427eead5cdf34b3f6e2d2b3
ppc64
nettle-2.7.1-9.el7_7.ppc.rpm SHA-256: a50a6a1e4e3e4195f1b6ef2e9180926cee573c008e336787a2f9f91ca3926bc3
nettle-2.7.1-9.el7_7.ppc64.rpm SHA-256: 98b3982ab6e3ef975a56319dedf3d87d8704bff9111676a5615dd9e9c8a1b7b5
nettle-debuginfo-2.7.1-9.el7_7.ppc.rpm SHA-256: 2598ba1c1541f0c6dee6d7d86a43bb693a3d923d3aa7622c159d6459b95de64e
nettle-debuginfo-2.7.1-9.el7_7.ppc64.rpm SHA-256: c404ba5c932a878888ba35b8b4073e8f509a82f33d067fb33529eccda47a0fe2
nettle-devel-2.7.1-9.el7_7.ppc.rpm SHA-256: b53b8d7787a9c64eb145a3b641b3109a5ae5330614fc59f68604f575e32be2f9
nettle-devel-2.7.1-9.el7_7.ppc64.rpm SHA-256: 0796af9f7de98bac85ab8850f3ee9e3207cd6538018598a271781d5a05e066ae

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.7

SRPM
nettle-2.7.1-9.el7_7.src.rpm SHA-256: d2f4149b6cc3f73e9c8a8edb343c872b2d537df97427eead5cdf34b3f6e2d2b3
ppc64le
nettle-2.7.1-9.el7_7.ppc64le.rpm SHA-256: 6ee655a0d0a7618b2867b2bc0e12d495ba586ae0042ffe8b9a9505d8c7baa02b
nettle-debuginfo-2.7.1-9.el7_7.ppc64le.rpm SHA-256: daaf74210322485fcb9afbb05d6cd7b38fe6871d3105b44dd1373ed95970a5b6
nettle-devel-2.7.1-9.el7_7.ppc64le.rpm SHA-256: 4743b27ffa90d643c8380acd1d75124b205c621d582928122755d4336854a1a7

Red Hat Enterprise Linux Server - TUS 7.7

SRPM
nettle-2.7.1-9.el7_7.src.rpm SHA-256: d2f4149b6cc3f73e9c8a8edb343c872b2d537df97427eead5cdf34b3f6e2d2b3
x86_64
nettle-2.7.1-9.el7_7.i686.rpm SHA-256: 2976ff44f0e8e5297259c339b411577fd94ae735d03aaaa0562a0d07b2572546
nettle-2.7.1-9.el7_7.x86_64.rpm SHA-256: 1ede8e8352dfedd9273c94a1f22e398d9322e207cdbb79b114296d1939a695bc
nettle-debuginfo-2.7.1-9.el7_7.i686.rpm SHA-256: 58c25adfd483cb62e82f7e43bc56b1625102360d0b7fce7b7a0eab0ffaca8b68
nettle-debuginfo-2.7.1-9.el7_7.x86_64.rpm SHA-256: 0a29922e5c494f9b536acae6a6e6ca7fbed1d6888cea3de59b23a581433e4872
nettle-devel-2.7.1-9.el7_7.i686.rpm SHA-256: 6afc7ef07c9aa6f50ccc583b5fd02ed452ac92f7da84cb399dd1b3788b4dc9f7
nettle-devel-2.7.1-9.el7_7.x86_64.rpm SHA-256: d35cf028b98c5cbfddfd6a9db8ba3a58bb58248df620cd864b31b79e2100757a

Red Hat Enterprise Linux EUS Compute Node 7.7

SRPM
nettle-2.7.1-9.el7_7.src.rpm SHA-256: d2f4149b6cc3f73e9c8a8edb343c872b2d537df97427eead5cdf34b3f6e2d2b3
x86_64
nettle-2.7.1-9.el7_7.i686.rpm SHA-256: 2976ff44f0e8e5297259c339b411577fd94ae735d03aaaa0562a0d07b2572546
nettle-2.7.1-9.el7_7.x86_64.rpm SHA-256: 1ede8e8352dfedd9273c94a1f22e398d9322e207cdbb79b114296d1939a695bc
nettle-debuginfo-2.7.1-9.el7_7.i686.rpm SHA-256: 58c25adfd483cb62e82f7e43bc56b1625102360d0b7fce7b7a0eab0ffaca8b68
nettle-debuginfo-2.7.1-9.el7_7.i686.rpm SHA-256: 58c25adfd483cb62e82f7e43bc56b1625102360d0b7fce7b7a0eab0ffaca8b68
nettle-debuginfo-2.7.1-9.el7_7.x86_64.rpm SHA-256: 0a29922e5c494f9b536acae6a6e6ca7fbed1d6888cea3de59b23a581433e4872
nettle-debuginfo-2.7.1-9.el7_7.x86_64.rpm SHA-256: 0a29922e5c494f9b536acae6a6e6ca7fbed1d6888cea3de59b23a581433e4872
nettle-devel-2.7.1-9.el7_7.i686.rpm SHA-256: 6afc7ef07c9aa6f50ccc583b5fd02ed452ac92f7da84cb399dd1b3788b4dc9f7
nettle-devel-2.7.1-9.el7_7.x86_64.rpm SHA-256: d35cf028b98c5cbfddfd6a9db8ba3a58bb58248df620cd864b31b79e2100757a

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 7.7

SRPM
nettle-2.7.1-9.el7_7.src.rpm SHA-256: d2f4149b6cc3f73e9c8a8edb343c872b2d537df97427eead5cdf34b3f6e2d2b3
ppc64le
nettle-2.7.1-9.el7_7.ppc64le.rpm SHA-256: 6ee655a0d0a7618b2867b2bc0e12d495ba586ae0042ffe8b9a9505d8c7baa02b
nettle-debuginfo-2.7.1-9.el7_7.ppc64le.rpm SHA-256: daaf74210322485fcb9afbb05d6cd7b38fe6871d3105b44dd1373ed95970a5b6
nettle-devel-2.7.1-9.el7_7.ppc64le.rpm SHA-256: 4743b27ffa90d643c8380acd1d75124b205c621d582928122755d4336854a1a7

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 7.7

SRPM
nettle-2.7.1-9.el7_7.src.rpm SHA-256: d2f4149b6cc3f73e9c8a8edb343c872b2d537df97427eead5cdf34b3f6e2d2b3
x86_64
nettle-2.7.1-9.el7_7.i686.rpm SHA-256: 2976ff44f0e8e5297259c339b411577fd94ae735d03aaaa0562a0d07b2572546
nettle-2.7.1-9.el7_7.x86_64.rpm SHA-256: 1ede8e8352dfedd9273c94a1f22e398d9322e207cdbb79b114296d1939a695bc
nettle-debuginfo-2.7.1-9.el7_7.i686.rpm SHA-256: 58c25adfd483cb62e82f7e43bc56b1625102360d0b7fce7b7a0eab0ffaca8b68
nettle-debuginfo-2.7.1-9.el7_7.x86_64.rpm SHA-256: 0a29922e5c494f9b536acae6a6e6ca7fbed1d6888cea3de59b23a581433e4872
nettle-devel-2.7.1-9.el7_7.i686.rpm SHA-256: 6afc7ef07c9aa6f50ccc583b5fd02ed452ac92f7da84cb399dd1b3788b4dc9f7
nettle-devel-2.7.1-9.el7_7.x86_64.rpm SHA-256: d35cf028b98c5cbfddfd6a9db8ba3a58bb58248df620cd864b31b79e2100757a

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2025 Red Hat, Inc.

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility