A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service.
The patches that Red Hat neglected to reference in the CVE are at URL and both
appear to be released with 3.7.3:
So, please stabilize 3.7.3.
*** Bug 807463 has been marked as a duplicate of this bug. ***