NSS 3.122.1 Release
12 views
Skip to first unread message
John Schanck
Apr 13, 2026, 7:58:09 PM (yesterday) Apr 13
to dev-tec...@mozilla.org
Network Security Services (NSS) 3.122.1 was released on 13 April 2026.
The HG tag is NSS_3_122_1_RTM. This version of NSS requires NSPR 4.38 or newer. The latest version of NSPR is 4.38.2.
NSS 3.122.1 source distributions are available on ftp.mozilla.org for secure HTTPS download:
<https://ftp.mozilla.org/pub/security/nss/releases/NSS_3_122_1_RTM/src/>
Changes:
- Bug 2030135 - improve error handling in PK11_ImportPrivateKeyInfoAndReturnKey.
- Bug 2029752 - Improving the allocation of S/MIME DecryptSymKey.
- Bug 2029462 - store email on subject cache_entry in NSS trust domain.
- Bug 2029425 - Heap use-after-free in cert_VerifyCertChainOld via dangling certsList[] entry on NameConstraints violation.
- Bug 2029323 - Improve size calculations in CMS content buffering.
- Bug 2028001 - avoid integer overflow while escaping RFC822 Names.
- Bug 2027378 - Reject excessively large ASN.1 SEQUENCE OF in quickder.
- Bug 2027365 - Deep copy profile data in CERT_FindSMimeProfile.
- Bug 2027345 - Improve input validation in DSAU signature decoding.
- Bug 2026311 - avoid integer overflow in RSA_EMSAEncodePSS.
- Bug 2026156 - Add a maximum cert uncompressed len and tests.
- Bug 2026089 - Clarify extension negotiation mechanism for TLS Handshakes.
- Bug 1935995 - make ss->ssl3.hs.cookie an owned-copy of the cookie.
The HG tag is NSS_3_122_1_RTM. This version of NSS requires NSPR 4.38 or newer. The latest version of NSPR is 4.38.2.
NSS 3.122.1 source distributions are available on ftp.mozilla.org for secure HTTPS download:
<https://ftp.mozilla.org/pub/security/nss/releases/NSS_3_122_1_RTM/src/>
Changes:
- Bug 2030135 - improve error handling in PK11_ImportPrivateKeyInfoAndReturnKey.
- Bug 2029752 - Improving the allocation of S/MIME DecryptSymKey.
- Bug 2029462 - store email on subject cache_entry in NSS trust domain.
- Bug 2029425 - Heap use-after-free in cert_VerifyCertChainOld via dangling certsList[] entry on NameConstraints violation.
- Bug 2029323 - Improve size calculations in CMS content buffering.
- Bug 2028001 - avoid integer overflow while escaping RFC822 Names.
- Bug 2027378 - Reject excessively large ASN.1 SEQUENCE OF in quickder.
- Bug 2027365 - Deep copy profile data in CERT_FindSMimeProfile.
- Bug 2027345 - Improve input validation in DSAU signature decoding.
- Bug 2026311 - avoid integer overflow in RSA_EMSAEncodePSS.
- Bug 2026156 - Add a maximum cert uncompressed len and tests.
- Bug 2026089 - Clarify extension negotiation mechanism for TLS Handshakes.
- Bug 1935995 - make ss->ssl3.hs.cookie an owned-copy of the cookie.
Reply all
Reply to author
Forward
0 new messages