Dear all, Network Security Services (NSS) 3.103 was released on 1st August 2024.
The HG tag is NSS_3_103_RTM. This version of NSS requires NSPR 4.35 or newer. NSS 3.103 source distributions are available on ftp.mozilla.org for secure HTTPS download: <https://ftp.mozilla.org/pub/security/nss/releases/NSS_3_103_RTM/src/> Changes: - Bug 1908623 - move list size check after lock acquisition in sftk_PutObjectToList. - Bug 1899542 - Add fuzzing support for SSL_ENABLE_POST_HANDSHAKE_AUTH. - Bug 1909638 - Follow-up to fix test for presence of file nspr.patch. - Bug 1903783 - Adjust libFuzzer size limits. - Bug 1899542 - Add fuzzing support for SSL_SetCertificateCompressionAlgorithm, SSL_SetClientEchConfigs, SSL_VersionRangeSet and SSL_AddExternalPsk. - Bug 1899542 - Add fuzzing support for SSL_ENABLE_GREASE and SSL_ENABLE_CH_EXTENSION_PERMUTATION. - Bug 1909638 - NSS automation should always cleanup the NSPR tree. - Bug 590806 - Freeing symKey in pk11_PubDeriveECKeyWithKDF when a key_size is 0 and wrong kd. - Bug 1908831 - Don't link zlib where it's not needed. - Bug 1908597 - Removing dead code from X25519 seckey. - Bug 1905691 - ChaChaXor to return after the functio. - Bug 1900416 - NSS Support of X25519 import/export functionalit. - Bug 1890618 - add PeerCertificateChainDER function to libssl. - Bug 1908190 - fix definitions of freeblCipher_native_aes_*_worker on arm. - Bug 1907743 - pk11mode: avoid passing null phKey to C_DeriveKey. - Bug 1902119 - reuse X25519 share when offering both X25519 and Xyber768d00. - Set nssckbi version number to 2.69. - Bug 1904404 - add NSS_DISABLE_NSPR_TESTS option to makefile. - Bug 1905746 - avoid calling functions through pointers of incompatible type. - Bug 1905783 - merge docker-fuzz32 and docker-fuzz images. - Bug 1903373 - fix several scan-build warnings. NSS 3.103 shared libraries are backwards-compatible with all older NSS 3.x shared libraries. A program linked with older NSS 3.x shared libraries will work with this new version of the shared libraries without recompiling or relinking. Furthermore, applications that restrict their use of NSS APIs to the functions listed in NSS Public Functions will remain compatible with future versions of the NSS shared libraries. Bugs discovered should be reported by filing a bug report at <https://bugzilla.mozilla.org/enter_bug.cgi?product=NSS> Release notes are available at <https://firefox-source-docs.mozilla.org/security/nss/releases/index.html>. Best, Anna -- You received this message because you are subscribed to the Google Groups "dev-tech-crypto@mozilla.org" group. To unsubscribe from this group and stop receiving emails from it, send an email to dev-tech-crypto+unsubscr...@mozilla.org. To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/dev-tech-crypto/CAMeH0%2BosuA9u0CauzNYRengUTCU1z_oaMNwL2Aw8EEx7PTh7Ew%40mail.gmail.com.
