NSS 3.97 Release

Skip to first unread message

Benjamin Beurdouche

Jan 22, 2024, 12:25:51 PMJan 22
to dev-tec...@mozilla.org
Dear all,

Network Security Services (NSS) 3.97 was tagged on January 22, 2024 and released today.

The HG tag is NSS_3_97_RTM. This version of NSS requires NSPR 4.35 or newer.

NSS 3.97 source distributions are available on ftp.mozilla.org for
secure HTTPS download:


- Bug 1875506 - make Xyber768d00 opt-in by policy.
- Bug 1871631 - add libssl support for xyber768d00.
- Bug 1871630 - add PK11_ConcatSymKeys.
- Bug 1775046 - add Kyber and a PKCS#11 KEM interface to softoken.
- Bug 1871152 - add a FreeBL API for Kyber.
- Bug 1826451 - part 2: vendor github.com/pq-crystals/kyber/commit/e0d1c6ff.
- Bug 1826451 - part 1: add a script for vendoring kyber from pq-crystals repo.
- Bug 1835828 - Removing the calls to RSA Blind from loader.*
- Bug 1874111 - fix worker type for level3 mac tasks.
- Bug 1835828 - RSA Blind implementation.
- Bug 1869642 - Remove DSA selftests.
- Bug 1873296 - read KWP testvectors from JSON.
- Bug 1822450 - Backed out changeset dcb174139e4f
- Bug 1822450 - Fix CKM_PBE_SHA1_DES2_EDE_CBC derivation.
- Bug 1871219 - Wrap CC shell commands in gyp expansions.

NSS 3.97 shared libraries are backwards-compatible with all older NSS
3.x shared libraries. A program linked with older NSS 3.x shared
libraries will work with this new version of the shared libraries
without recompiling or relinking. Furthermore, applications that
restrict their use of NSS APIs to the functions listed in NSS Public
Functions will remain compatible with future versions of the NSS
shared libraries.

Bugs discovered should be reported by filing a bug report at

Release notes are available at

Reply all
Reply to author
0 new messages