nss_3_101.rst (3665B)
1 .. _mozilla_projects_nss_nss_3_101_release_notes: 2 3 NSS 3.101 release notes 4 ======================== 5 6 `Introduction <#introduction>`__ 7 -------------------------------- 8 9 .. container:: 10 11 Network Security Services (NSS) 3.101 was released on *6 June 2024**. NSS 3.101 is an ESR release. 12 13 `Distribution Information <#distribution_information>`__ 14 -------------------------------------------------------- 15 16 .. container:: 17 18 The HG tag is NSS_3_101_RTM. NSS 3.101 requires NSPR 4.35 or newer. 19 20 NSS 3.101 source distributions are available on ftp.mozilla.org for secure HTTPS download: 21 22 - Source tarballs: 23 https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_101_RTM/src/ 24 25 Other releases are available :ref:`mozilla_projects_nss_releases`. 26 27 .. _changes_in_nss_3.101: 28 29 `Changes in NSS 3.101 <#changes_in_nss_3.101>`__ 30 ------------------------------------------------------------------ 31 32 .. container:: 33 34 - Bug 1900413 - add diagnostic assertions for SFTKObject refcount. 35 - Bug 1899759 - freeing the slot in DeleteCertAndKey if authentication failed 36 - Bug 1899883 - fix formatting issues. 37 - Bug 1889671 - Add Firmaprofesional CA Root-A Web to NSS. 38 - Bug 1899593 - remove invalid acvp fuzz test vectors. 39 - Bug 1898830 - pad short P-384 and P-521 signatures gtests. 40 - Bug 1898627 - remove unused FreeBL ECC code. r=rrelyea 41 - Bug 1898830 - pad short P-384 and P-521 signatures. 42 - Bug 1898825 - be less strict about ECDSA private key length. 43 - Bug 1854439 - Integrate HACL* P-521. 44 - Bug 1854438 - Integrate HACL* P-384. 45 - Bug 1898074 - memory leak in create_objects_from_handles. 46 - Bug 1898858 - ensure all input is consumed in a few places in mozilla::pkix 47 - Bug 1884444 - SMIME/CMS and PKCS #12 do not integrate with modern NSS policy 48 - Bug 1748105 - clean up escape handling 49 - Bug 1896353 - Use lib::pkix as default validator instead of the old-one 50 - Bug 1827444 - Need to add high level support for PQ signing. 51 - Bug 1548723 - Certificate Compression: changing the allocation/freeing of buffer + Improving the documentation 52 - Bug 1884444 - SMIME/CMS and PKCS #12 do not integrate with modern NSS policy 53 - Bug 1893404 - Allow for non-full length ecdsa signature when using softoken 54 - Bug 1830415 - Modification of .taskcluster.yml due to mozlint indent defects 55 - Bug 1793811 - Implement support for PBMAC1 in PKCS#12 56 - Bug 1897487 - disable VLA warnings for fuzz builds. 57 - Bug 1895032 - remove redundant AllocItem implementation. 58 - Bug 1893334 - add PK11_ReadDistrustAfterAttribute. 59 - Bug 215997 - Clang-formatting of SEC_GetMgfTypeByOidTag update 60 - Bug 1895012 - Set SEC_ERROR_LIBRARY_FAILURE on self-test failure 61 - Bug 1894572 - sftk_getParameters(): Fix fallback to default variable after error with configfile. 62 - Bug 1830415 - Switch to the mozillareleases/image_builder image 63 64 `Compatibility <#compatibility>`__ 65 ---------------------------------- 66 67 .. container:: 68 69 NSS 3.101 shared libraries are backwards-compatible with all older NSS 3.x shared 70 libraries. A program linked with older NSS 3.x shared libraries will work with 71 this new version of the shared libraries without recompiling or 72 relinking. Furthermore, applications that restrict their use of NSS APIs to the 73 functions listed in NSS Public Functions will remain compatible with future 74 versions of the NSS shared libraries. 75 76 `Feedback <#feedback>`__ 77 ------------------------ 78 79 .. container:: 80 81 Bugs discovered should be reported by filing a bug report on 82 `bugzilla.mozilla.org <https://bugzilla.mozilla.org/enter_bug.cgi?product=NSS>`__ (product NSS).