[dev-tech-crypto] NSS 3.95 Release
33 views
Skip to first unread message
Anna Weine
Nov 27, 2023, 5:06:39 AM11/27/23
to dev-tec...@mozilla.org
Dear all,
Network Security Services (NSS) 3.95 was released on 27 November 2023.
The HG tag is NSS_3_95_RTM. This version of NSS requires NSPR 4.35 or newer.
NSS 3.95 source distributions are available on ftp.mozilla.org for
secure HTTPS download:
<https://ftp.mozilla.org/pub/security/nss/releases/NSS_3_95_RTM/src/>
Changes:
- Bug 1842932 - Bump builtins version number.
- Bug 1851044: Remove Email trust bit from Autoridad de Certificacion Firmaprofesional CIF A62634068 root cert.
- Bug 1855318: Remove 4 DigiCert (Symantec/Verisign) Root Certificates from NSS.
- Bug 1851049: Remove 3 TrustCor Root Certificates from NSS.
- Bug 1850982 - Remove Camerfirma root certificates from NSS.
- Bug 1842935 - Remove old Autoridad de Certificacion Firmaprofesional Certificate.
- Bug 1860670 - Add four Commscope root certificates to NSS.
- Bug 1850598 - Add TrustAsia Global Root CA G3 and G4 root certificates.
- Bug 1863605 - Include P-384 and P-521 Scalar Validation from HACL*
- Bug 1861728 - Include P-256 Scalar Validation from HACL*.
- Bug 1861265 After the HACL 256 ECC patch, NSS incorrectly encodes 256 ECC without DER wrapping at the softoken level
- Bug 1837987:Add means to provide library parameters to C_Initialize
- Bug 1573097 - clang format
- Bug 1854795 - add OSXSAVE and XCR0 tests to AVX2 detection.
- Bug 1858241 - Typo in ssl3_AppendHandshakeNumber
- Bug 1858241 - Introducing input check of ssl3_AppendHandshakeNumber
- Bug 1573097 - Fix Invalid casts in instance.c
NSS 3.95 shared libraries are backwards-compatible with all older NSS
3.x shared libraries. A program linked with older NSS 3.x shared
libraries will work with this new version of the shared libraries
without recompiling or relinking. Furthermore, applications that
restrict their use of NSS APIs to the functions listed in NSS Public
Functions will remain compatible with future versions of the NSS
shared libraries.
Bugs discovered should be reported by filing a bug report at
<https://bugzilla.mozilla.org/enter_bug.cgi?product=NSS>
Release notes are available at
<https://firefox-source-docs.mozilla.org/security/nss/releases/index.html>.
Best,
Anna
Network Security Services (NSS) 3.95 was released on 27 November 2023.
The HG tag is NSS_3_95_RTM. This version of NSS requires NSPR 4.35 or newer.
NSS 3.95 source distributions are available on ftp.mozilla.org for
secure HTTPS download:
<https://ftp.mozilla.org/pub/security/nss/releases/NSS_3_95_RTM/src/>
Changes:
- Bug 1842932 - Bump builtins version number.
- Bug 1851044: Remove Email trust bit from Autoridad de Certificacion Firmaprofesional CIF A62634068 root cert.
- Bug 1855318: Remove 4 DigiCert (Symantec/Verisign) Root Certificates from NSS.
- Bug 1851049: Remove 3 TrustCor Root Certificates from NSS.
- Bug 1850982 - Remove Camerfirma root certificates from NSS.
- Bug 1842935 - Remove old Autoridad de Certificacion Firmaprofesional Certificate.
- Bug 1860670 - Add four Commscope root certificates to NSS.
- Bug 1850598 - Add TrustAsia Global Root CA G3 and G4 root certificates.
- Bug 1863605 - Include P-384 and P-521 Scalar Validation from HACL*
- Bug 1861728 - Include P-256 Scalar Validation from HACL*.
- Bug 1861265 After the HACL 256 ECC patch, NSS incorrectly encodes 256 ECC without DER wrapping at the softoken level
- Bug 1837987:Add means to provide library parameters to C_Initialize
- Bug 1573097 - clang format
- Bug 1854795 - add OSXSAVE and XCR0 tests to AVX2 detection.
- Bug 1858241 - Typo in ssl3_AppendHandshakeNumber
- Bug 1858241 - Introducing input check of ssl3_AppendHandshakeNumber
- Bug 1573097 - Fix Invalid casts in instance.c
NSS 3.95 shared libraries are backwards-compatible with all older NSS
3.x shared libraries. A program linked with older NSS 3.x shared
libraries will work with this new version of the shared libraries
without recompiling or relinking. Furthermore, applications that
restrict their use of NSS APIs to the functions listed in NSS Public
Functions will remain compatible with future versions of the NSS
shared libraries.
Bugs discovered should be reported by filing a bug report at
<https://bugzilla.mozilla.org/enter_bug.cgi?product=NSS>
Release notes are available at
<https://firefox-source-docs.mozilla.org/security/nss/releases/index.html>.
Best,
Anna
Benjamin Beurdouche
Nov 27, 2023, 5:08:57 AM11/27/23
to Anna Kulatova, dev-tec...@mozilla.org, Dennis Jackson
Thanks Anna for uploading the archive and sending out the email !
Thanks Dennis for handling that release !
B.
--
You received this message because you are subscribed to the Google Groups "dev-tec...@mozilla.org" group.
To unsubscribe from this group and stop receiving emails from it, send an email to dev-tech-cryp...@mozilla.org.
To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/dev-tech-crypto/CAMeH0%2BpqdXTwL6DLqMAfu92RdmchUa7JUJVamaW_ktoM8YdvCg%40mail.gmail.com.
Reply all
Reply to author
Forward
0 new messages