tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

nss_3_83.rst (3225B)

      1 .. _mozilla_projects_nss_nss_3_83_release_notes:
      2 
      3 NSS 3.83 release notes
      4 ======================
      5 
      6 `Introduction <#introduction>`__
      7 --------------------------------
      8 
      9 .. container::
     10 
     11   Network Security Services (NSS) 3.83 was released on **15 September 2022**.
     12 
     13 
     14 
     15 
     16 `Distribution Information <#distribution_information>`__
     17 --------------------------------------------------------
     18 
     19 .. container::
     20 
     21   The HG tag is NSS_3_83_RTM. NSS 3.83 requires NSPR 4.34.1 or newer.
     22 
     23   NSS 3.83 source distributions are available on ftp.mozilla.org for secure HTTPS download:
     24 
     25   -  Source tarballs:
     26      https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_83_RTM/src/
     27 
     28   Other releases are available :ref:`mozilla_projects_nss_releases`.
     29 
     30 .. _changes_in_nss_3.83:
     31 
     32 `Changes in NSS 3.83 <#changes_in_nss_3.83>`__
     33 ----------------------------------------------------
     34 
     35 .. container::
     36 
     37   - Bug 1788875 - Remove set-but-unused variables from SEC_PKCS12DecoderValidateBags
     38   - Bug 1563221 - remove older oses that are unused part3/ BeOS
     39   - Bug 1563221 - remove older unix support in NSS part 3 Irix
     40   - Bug 1563221 - remove support for older unix in NSS part 2 DGUX
     41   - Bug 1563221 - remove support for older unix in NSS part 1 OSF
     42   - Bug 1778413 - Set nssckbi version number to 2.58
     43   - Bug 1785297 - Add two SECOM root certificates to NSS
     44   - Bug 1787075 - Add two DigitalSign root certificates to NSS
     45   - Bug 1778412 - Remove Camerfirma Global Chambersign Root from NSS
     46   - Bug 1771100 - Added bug reference and description to disabled UnsolicitedServerNameAck bogo ECH test
     47   - Bug 1779361 - Removed skipping of ECH on equality of private and public SNI server name
     48   - Bug 1779357 - Added comment and bug reference to ECHRandomHRRExtension bogo test
     49   - Bug 1779370 - Added Bogo shim client HRR test support. Fixed overwriting of CHInner.random on HRR
     50   - Bug 1779234 - Added check for server only sending ECH extension with retry configs in EncryptedExtensions and if not accepting ECH. Changed config setting behavior to skip configs with unsupported mandatory extensions instead of failing
     51   - Bug 1771100 - Added ECH client support to BoGo shim. Changed CHInner creation to skip TLS 1.2 only extensions to comply with BoGo
     52   - Bug 1771100 - Added ECH server support to BoGo shim. Fixed NSS ECH server accept_confirmation bugs
     53   - Bug 1771100 - Update BoGo tests to recent BoringSSL version
     54   - Bug 1785846 - Bump minimum NSPR version to 4.34.1
     55 
     56 `Compatibility <#compatibility>`__
     57 ----------------------------------
     58 
     59 .. container::
     60 
     61   NSS 3.83 shared libraries are backwards-compatible with all older NSS 3.x shared
     62   libraries. A program linked with older NSS 3.x shared libraries will work with
     63   this new version of the shared libraries without recompiling or
     64   relinking. Furthermore, applications that restrict their use of NSS APIs to the
     65   functions listed in NSS Public Functions will remain compatible with future
     66   versions of the NSS shared libraries.
     67 
     68 `Feedback <#feedback>`__
     69 ------------------------
     70 
     71 .. container::
     72 
     73   Bugs discovered should be reported by filing a bug report on
     74   `bugzilla.mozilla.org <https://bugzilla.mozilla.org/enter_bug.cgi?product=NSS>`__ (product NSS).