Benjamin Beurdouche
2021-05-14 16:48:00 UTC
Dear all,
Network Security Services (NSS) 3.65 was released on May 13th, 2021.
The HG tag is NSS_3_65_RTM. NSS 3.65 requires NSPR 4.30 or newer.
NSS 3.65 source distributions are available on ftp.mozilla.org <http://ftp.mozilla.org/> for secure HTTPS download: https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_65_RTM/src/ <https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_65_RTM/src/>
Bugs fixed in NSS 3.65:
* Bug 1709654 - Update for NetBSD configuration.
* Bug 1709750 - Disable HPKE test when fuzzing.
* Bug 1566124 - Optimize AES-GCM for ppc64le.
* Bug 1699021 - Add AES-256-GCM to HPKE.
* Bug 1698419 - ECH -10 updates.
* Bug 1692930 - Update HPKE to final version.
* Bug 1707130 - NSS should use modern algorithms in PKCS#12 files by default.
* Bug 1703936 - New coverity/cpp scanner errors.
* Bug 1697303 - NSS needs to update it's csp clearing to FIPS 180-3 standards.
* Bug 1702663 - Need to support RSA PSS with Hashing PKCS #11 Mechanisms.
* Bug 1705119 - Deadlock when using GCM and non-thread safe tokens.
NSS 3.65 shared libraries are backward compatible with all older NSS 3.x shared libraries.
A program linked with older NSS 3.x shared libraries will work with this shared libraries
without recompiling or relinking. Furthermore, applications that restrict their use of NSS APIs
to the functions listed in NSS Public Functions will remain compatible with future versions
of the NSS shared libraries.
Bugs discovered should be reported by filing a bug report with bugzilla.mozilla.org <http://bugzilla.mozilla.org/> (product NSS).
The release notes will be available at:
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.65_release_notes <https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.65_release_notes>
-- Notes: â
Due to some changes in the Firefox release cycle, NSS 3.67 has yet to be added
to the NSS release schedule (3.66 is not affected). I will announce the date to
this list once defined.
Best,
Benjamin
Network Security Services (NSS) 3.65 was released on May 13th, 2021.
The HG tag is NSS_3_65_RTM. NSS 3.65 requires NSPR 4.30 or newer.
NSS 3.65 source distributions are available on ftp.mozilla.org <http://ftp.mozilla.org/> for secure HTTPS download: https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_65_RTM/src/ <https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_65_RTM/src/>
Bugs fixed in NSS 3.65:
* Bug 1709654 - Update for NetBSD configuration.
* Bug 1709750 - Disable HPKE test when fuzzing.
* Bug 1566124 - Optimize AES-GCM for ppc64le.
* Bug 1699021 - Add AES-256-GCM to HPKE.
* Bug 1698419 - ECH -10 updates.
* Bug 1692930 - Update HPKE to final version.
* Bug 1707130 - NSS should use modern algorithms in PKCS#12 files by default.
* Bug 1703936 - New coverity/cpp scanner errors.
* Bug 1697303 - NSS needs to update it's csp clearing to FIPS 180-3 standards.
* Bug 1702663 - Need to support RSA PSS with Hashing PKCS #11 Mechanisms.
* Bug 1705119 - Deadlock when using GCM and non-thread safe tokens.
NSS 3.65 shared libraries are backward compatible with all older NSS 3.x shared libraries.
A program linked with older NSS 3.x shared libraries will work with this shared libraries
without recompiling or relinking. Furthermore, applications that restrict their use of NSS APIs
to the functions listed in NSS Public Functions will remain compatible with future versions
of the NSS shared libraries.
Bugs discovered should be reported by filing a bug report with bugzilla.mozilla.org <http://bugzilla.mozilla.org/> (product NSS).
The release notes will be available at:
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.65_release_notes <https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.65_release_notes>
-- Notes: â
Due to some changes in the Firefox release cycle, NSS 3.67 has yet to be added
to the NSS release schedule (3.66 is not affected). I will announce the date to
this list once defined.
Best,
Benjamin
--
You received this message because you are subscribed to the Google Groups "dev-tech-***@mozilla.org" group.
To unsubscribe from this group and stop receiving emails from it, send an email to dev-tech-crypto+***@mozilla.org.
To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/dev-tech-crypto/C13E1D29-D0D1-48E8-9261-82598BB28D1E%40mozilla.com.
You received this message because you are subscribed to the Google Groups "dev-tech-***@mozilla.org" group.
To unsubscribe from this group and stop receiving emails from it, send an email to dev-tech-crypto+***@mozilla.org.
To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/dev-tech-crypto/C13E1D29-D0D1-48E8-9261-82598BB28D1E%40mozilla.com.