Dear all, Network Security Services (NSS) 3.105 was tagged on 26th September 2024 and released today.
The HG tag is NSS_3_105_RTM. This version of NSS requires NSPR 4.35 or newer. NSS 3.105 source distributions are available on ftp.mozilla.org <http://ftp.mozilla.org/> for secure HTTPS download: https://ftp.mozilla.org/pub/security/nss/releases/NSS_3_105_RTM/src/ Changes: Bug 1915792 - Allow importing PKCS#8 private EC keys missing public key Bug 1909768 - UBSAN fix: applying zero offset to null pointer in sslsnce.c Bug 1919577 - set KRML_MUSTINLINE=inline in makefile builds Bug 1918965 - Don't set CKA_SIGN for CKK_EC_MONTGOMERY private keys Bug 1918767 - override default definition of KRML_MUSTINLINE Bug 1916525 - libssl support for mlkem768x25519 Bug 1916524 - support for ML-KEM-768 in softoken and pk11wrap Bug 1866841 - Add Libcrux implementation of ML-KEM 768 to FreeBL Bug 1911912 - Avoid misuse of ctype(3) functions Bug 1917311 - part 2: run clang-format Bug 1917311 - part 1: upgrade to clang-format 13 Bug 1916953 - clang-format fuzz Bug 1910370 - DTLS client message buffer may not empty be on retransmit Bug 1916413 - Optionally print config for TLS client and server fuzz target Bug 1916059 - Fix some simple documentation issues in NSS. Bug 1915439 - improve performance of NSC_FindObjectsInit when template has CKA_TOKEN attr Bug 1912828 - define CKM_NSS_ECDHE_NO_PAIRWISE_CHECK_KEY_PAIR_GEN NSS 3.105 shared libraries are backwards-compatible with all older NSS 3.x shared libraries. A program linked with older NSS 3.x shared libraries will work with this new version of the shared libraries without recompiling or relinking. Furthermore, applications that restrict their use of NSS APIs to the functions listed in NSS Public Functions will remain compatible with future versions of the NSS shared libraries. Bugs discovered should be reported by filing a bug report at <https://bugzilla.mozilla.org/enter_bug.cgi?product=NSS> Release notes are available at <https://firefox-source-docs.mozilla.org/security/nss/releases/index.html>. Best, Anna and Benjamin -- You received this message because you are subscribed to the Google Groups "dev-tech-crypto@mozilla.org" group. To unsubscribe from this group and stop receiving emails from it, send an email to dev-tech-crypto+unsubscr...@mozilla.org. To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/dev-tech-crypto/2036A011-D03D-4B6B-86CC-AA098D509570%40mozilla.com.
