nss_3_104.rst (3518B)
1 .. _mozilla_projects_nss_nss_3_104_release_notes: 2 3 NSS 3.104 release notes 4 ======================== 5 6 `Introduction <#introduction>`__ 7 -------------------------------- 8 9 .. container:: 10 11 Network Security Services (NSS) 3.104 was released on *1 August 2024**. 12 13 `Distribution Information <#distribution_information>`__ 14 -------------------------------------------------------- 15 16 .. container:: 17 18 The HG tag is NSS_3_104_RTM. NSS 3.104 requires NSPR 4.35 or newer. 19 20 NSS 3.104 source distributions are available on ftp.mozilla.org for secure HTTPS download: 21 22 - Source tarballs: 23 https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_104_RTM/src/ 24 25 Other releases are available :ref:`mozilla_projects_nss_releases`. 26 27 .. _changes_in_nss_3.104: 28 29 `Changes in NSS 3.104 <#changes_in_nss_3.104>`__ 30 ------------------------------------------------------------------ 31 32 .. container:: 33 34 - Bug 1910071 - Copy original corpus to heap-allocated buffer 35 - Bug 1910079 - Fix min ssl version for DTLS client fuzzer 36 - Bug 1908990 - Remove OS2 support just like we did on NSPR 37 - Bug 1910605 - clang-format NSS improvements 38 - Bug 1902078 - Adding basicutil.h to use HexString2SECItem function 39 - Bug 1908990 - removing dirent.c from build 40 - Bug 1902078 - Allow handing in keymaterial to shlibsign to make the output reproducible ( 41 - Bug 1908990 - remove nec4.3, sunos4, riscos and SNI references 42 - Bug 1908990 - remove other old OS (BSDI, old HP UX, NCR, openunix, sco, unixware or reliantUnix 43 - Bug 1908990 - remove mentions of WIN95 44 - Bug 1908990 - remove mentions of WIN16 45 - Bug 1913750 - More explicit directory naming 46 - Bug 1913755 - Add more options to TLS server fuzz target 47 - Bug 1913675 - Add more options to TLS client fuzz target 48 - Bug 1835240 - Use OSS-Fuzz corpus in NSS CI 49 - Bug 1908012 - set nssckbi version number to 2.70. 50 - Bug 1914499 - Remove Email Trust bit from ACCVRAIZ1 root cert. 51 - Bug 1908009 - Remove Email Trust bit from certSIGN ROOT CA. 52 - Bug 1908006 - Add Cybertrust Japan Roots to NSS. 53 - Bug 1908004 - Add Taiwan CA Roots to NSS. 54 - Bug 1911354 - remove search by decoded serial in nssToken_FindCertificateByIssuerAndSerialNumber. 55 - Bug 1913132 - Fix tstclnt CI build failure 56 - Bug 1913047 - vfyserv: ensure peer cert chain is in db for CERT_VerifyCertificateNow. 57 - Bug 1912427 - Enable all supported protocol versions for UDP 58 - Bug 1910361 - Actually use random PSK hash type 59 - Bug 1911576: Initialize NSS DB once 60 - Bug 1910361 - Additional ECH cipher suites and PSK hash types 61 - Bug 1903604: Automate corpus file generation for TLS client Fuzzer 62 - Bug 1910364 - Fix crash with UNSAFE_FUZZER_MODE 63 - Bug 1910605 - clang-format shlibsign.c 64 65 `Compatibility <#compatibility>`__ 66 ---------------------------------- 67 68 .. container:: 69 70 NSS 3.104 shared libraries are backwards-compatible with all older NSS 3.x shared 71 libraries. A program linked with older NSS 3.x shared libraries will work with 72 this new version of the shared libraries without recompiling or 73 relinking. Furthermore, applications that restrict their use of NSS APIs to the 74 functions listed in NSS Public Functions will remain compatible with future 75 versions of the NSS shared libraries. 76 77 `Feedback <#feedback>`__ 78 ------------------------ 79 80 .. container:: 81 82 Bugs discovered should be reported by filing a bug report on 83 `bugzilla.mozilla.org <https://bugzilla.mozilla.org/enter_bug.cgi?product=NSS>`__ (product NSS).