tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

nss_3_88.rst (3297B)

      1 .. _mozilla_projects_nss_nss_3_88_release_notes:
      2 
      3 NSS 3.88 release notes
      4 ======================
      5 
      6 `Introduction <#introduction>`__
      7 --------------------------------
      8 
      9 .. container::
     10 
     11   Network Security Services (NSS) 3.88 was released on *9 February 2023**.
     12 
     13 
     14 
     15 
     16 `Distribution Information <#distribution_information>`__
     17 --------------------------------------------------------
     18 
     19 .. container::
     20 
     21   The HG tag is NSS_3_88_RTM. NSS 3.88 requires NSPR 4.35 or newer.
     22 
     23   NSS 3.88 source distributions are available on ftp.mozilla.org for secure HTTPS download:
     24 
     25   -  Source tarballs:
     26      https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_88_RTM/src/
     27 
     28   Other releases are available :ref:`mozilla_projects_nss_releases`.
     29 
     30 .. _changes_in_nss_3.88:
     31 
     32 `Changes in NSS 3.88 <#changes_in_nss_3.88>`__
     33 ----------------------------------------------------
     34 
     35 .. container::
     36 
     37   - Bug 1815870 - use a different treeherder symbol for each docker image build task.
     38   - Bug 1815868 - pin an older version of the ubuntu:18.04 and 20.04 docker images
     39   - Bug 1810702 - remove nested table in rst doc
     40   - Bug 1815246 - Export NSS_CMSSignerInfo_GetDigestAlgTag.
     41   - Bug 1812671 - build failure while implicitly casting SECStatus to PRUInt32. r=nss-reviewers,mt
     42   - Bug 1212915 - Add check for ClientHello SID max length. This is tested by Bogo tests
     43   - Bug 1771100 - Added EarlyData ALPN test support to BoGo shim.
     44   - Bug 1790357 - ECH client - Discard resumption TLS < 1.3 Session(IDs|Tickets) if ECH configs are setup.
     45   - Bug 1714245 - On HRR skip PSK incompatible with negotiated ciphersuites hash algorithm.
     46   - Bug 1789410 - ECH client: Send ech_required alert on server negotiating TLS 1.2. Fixed misleading Gtest, enabled corresponding BoGo test.
     47   - Bug 1771100 - Added Bogo ECH rejection test support.
     48   - Bug 1771100 - Added ECH 0Rtt support to BoGo shim.
     49   - Bug 1747957 - RSA OAEP Wycheproof JSON
     50   - Bug 1747957 - RSA decrypt Wycheproof JSON
     51   - Bug 1747957 - ECDSA Wycheproof JSON
     52   - Bug 1747957 - ECDH Wycheproof JSON
     53   - Bug 1747957 - PKCS#1v1.5 wycheproof json
     54   - Bug 1747957 - Use X25519 wycheproof json
     55   - Bug 1766767 - Move scripts to python3
     56   - Bug 1809627 - Properly link FuzzingEngine for oss-fuzz.
     57   - Bug 1805907 - Extending RSA-PSS bltest test coverage (Adding SHA-256 and SHA-384)
     58   - Bug 1804091 NSS needs to move off of DSA for integrity checks
     59   - Bug 1805815 - Add initial testing with ACVP vector sets using acvp-rust
     60   - Bug 1806369 - Don't clone libFuzzer, rely on clang instead
     61 
     62 
     63 
     64 `Compatibility <#compatibility>`__
     65 ----------------------------------
     66 
     67 .. container::
     68 
     69   NSS 3.88 shared libraries are backwards-compatible with all older NSS 3.x shared
     70   libraries. A program linked with older NSS 3.x shared libraries will work with
     71   this new version of the shared libraries without recompiling or
     72   relinking. Furthermore, applications that restrict their use of NSS APIs to the
     73   functions listed in NSS Public Functions will remain compatible with future
     74   versions of the NSS shared libraries.
     75 
     76 `Feedback <#feedback>`__
     77 ------------------------
     78 
     79 .. container::
     80 
     81   Bugs discovered should be reported by filing a bug report on
     82   `bugzilla.mozilla.org <https://bugzilla.mozilla.org/enter_bug.cgi?product=NSS>`__ (product NSS).