NSS 3.118.0 Release
7 views
Skip to first unread message
Benjamin Beurdouche
10:31 AM (6 hours ago) 10:31 AM
to dev-tec...@mozilla.org
Network Security Services (NSS) 3.118 was released on 18 November 2025.
The HG tag is NSS_3_118_RTM. This version of NSS requires NSPR 4.37 or newer. The latest version of NSPR is 4.37.
NSS 3.118 source distributions are available on ftp.mozilla.org for secure HTTPS download:
<https://ftp.mozilla.org/pub/security/nss/releases/NSS_3_118_RTM/src/>
Changes:
Bug 1994866 - Remove four Commscope root certificates from NSS.
Bug 1996036 - fix try pushes with --nspr-patch to actually apply the patch.
Bug 1995512 - Support for NIST Curves compressed points.
Bug 1985058 - Destroy certificate on error paths.
Bug 1990242 - Move NSS DB password hash away from SHA-1.
Bug 1983313 - support secp384r1mlkem1024.
Bug 1991549 - vendor latest ML-KEM code from libcrux.
Bug 1991549 - add mlk-kem-1024 tests.
Bug 1996717 - use the correct directory for FStar_UInt_8_16_32_64.h in source consistency test.
Bug 1766767 - Move scripts to python3.
Bug 1983313 - add mlkem1024 support in freebl.
Bug 1983313 - support secp256r1mlkem768.
Bug 1983313 - Make mlkem768x25519 the default.
Bug 1983320 - ML-DSA SGN and VFY interfaces.
Bug 1988625 - Align FIPS interfaces count with array.
Bug 1989477 - Ensure CKK_ML_KEM has derive CK_FALSE.
Bug 1992128 - Add script for tagging an NSS release.
Bug 1992128 - Remove the globals from nss-release-helper.py.
Bug 1992128 - Add release helper command for generating the release index.
Bug 1992128 - Add release helper command for generating a release note.
Bug 1992128 - Add release helper command for freezing a branch.
NSS 3.118 shared libraries are backwards-compatible with all older NSS 3.x shared libraries. A program linked with older NSS 3.x shared libraries will work with this new version of the shared libraries without recompiling or relinking. Furthermore, applications that restrict their use of NSS APIs to the functions listed in NSS Public Functions will remain compatible with future versions of the NSS shared libraries.
Bugs discovered should be reported by filing a bug report at <https://bugzilla.mozilla.org/enter_bug.cgi?product=NSS>
Release notes are available at <https://firefox-source-docs.mozilla.org/security/nss/releases/index.html>.
The HG tag is NSS_3_118_RTM. This version of NSS requires NSPR 4.37 or newer. The latest version of NSPR is 4.37.
NSS 3.118 source distributions are available on ftp.mozilla.org for secure HTTPS download:
<https://ftp.mozilla.org/pub/security/nss/releases/NSS_3_118_RTM/src/>
Changes:
Bug 1994866 - Remove four Commscope root certificates from NSS.
Bug 1996036 - fix try pushes with --nspr-patch to actually apply the patch.
Bug 1995512 - Support for NIST Curves compressed points.
Bug 1985058 - Destroy certificate on error paths.
Bug 1990242 - Move NSS DB password hash away from SHA-1.
Bug 1983313 - support secp384r1mlkem1024.
Bug 1991549 - vendor latest ML-KEM code from libcrux.
Bug 1991549 - add mlk-kem-1024 tests.
Bug 1996717 - use the correct directory for FStar_UInt_8_16_32_64.h in source consistency test.
Bug 1766767 - Move scripts to python3.
Bug 1983313 - add mlkem1024 support in freebl.
Bug 1983313 - support secp256r1mlkem768.
Bug 1983313 - Make mlkem768x25519 the default.
Bug 1983320 - ML-DSA SGN and VFY interfaces.
Bug 1988625 - Align FIPS interfaces count with array.
Bug 1989477 - Ensure CKK_ML_KEM has derive CK_FALSE.
Bug 1992128 - Add script for tagging an NSS release.
Bug 1992128 - Remove the globals from nss-release-helper.py.
Bug 1992128 - Add release helper command for generating the release index.
Bug 1992128 - Add release helper command for generating a release note.
Bug 1992128 - Add release helper command for freezing a branch.
NSS 3.118 shared libraries are backwards-compatible with all older NSS 3.x shared libraries. A program linked with older NSS 3.x shared libraries will work with this new version of the shared libraries without recompiling or relinking. Furthermore, applications that restrict their use of NSS APIs to the functions listed in NSS Public Functions will remain compatible with future versions of the NSS shared libraries.
Bugs discovered should be reported by filing a bug report at <https://bugzilla.mozilla.org/enter_bug.cgi?product=NSS>
Release notes are available at <https://firefox-source-docs.mozilla.org/security/nss/releases/index.html>.
Reply all
Reply to author
Forward
0 new messages