diff options
author | Dennis Jackson <djackson@mozilla.com> | 2022-04-28 11:17:13 +0100 |
---|---|---|
committer | Dennis Jackson <djackson@mozilla.com> | 2022-04-28 11:17:13 +0100 |
commit | 7fd664c830c54ef8fd12f9d93be6d64ec7f4b9c9 (patch) | |
tree | f6e937e153315b9eb2dad5bf3574f798226738c7 | |
parent | dea495ebb114f58579aa70e75c393a69932f5d87 (diff) | |
download | nss-hg-7fd664c830c54ef8fd12f9d93be6d64ec7f4b9c9.tar.gz |
Release notes for NSS 3.78
-rw-r--r-- | doc/rst/releases/index.rst | 36 | ||||
-rw-r--r-- | doc/rst/releases/nss_3_78.rst | 64 |
2 files changed, 75 insertions, 25 deletions
diff --git a/doc/rst/releases/index.rst b/doc/rst/releases/index.rst index 5a23443ab..c90c3f139 100644 --- a/doc/rst/releases/index.rst +++ b/doc/rst/releases/index.rst @@ -8,6 +8,7 @@ Releases :glob: :hidden: + nns_3_78.rst nns_3_77.rst nns_3_76_1.rst nns_3_76.rst @@ -32,8 +33,8 @@ Releases .. note:: - **NSS 3.77** is the latest version of NSS. - Complete release notes are available here: :ref:`mozilla_projects_nss_nss_3_77_release_notes` + **NSS 3.78** is the latest version of NSS. + Complete release notes are available here: :ref:`mozilla_projects_nss_nss_3_78_release_notes` **NSS 3.68.3** is the latest LTS version of NSS. Complete release notes are available here: :ref:`mozilla_projects_nss_nss_3_68_3_release_notes` @@ -41,28 +42,13 @@ Releases .. container:: - Changes in 3.77 included in this release: + Changes in 3.78 included in this release: - - Bug 1762244 - resolve mpitests build failure on Windows. - - Bug 1761779 - Fix link to TLS page on wireshark wiki - - Bug 1754890 - Add two D-TRUST 2020 root certificates. - - Bug 1751298 - Add Telia Root CA v2 root certificate. - - Bug 1751305 - Remove expired explicitly distrusted certificates from certdata.txt. - - Bug 1005084 - support specific RSA-PSS parameters in mozilla::pkix - - Bug 1753535 - Remove obsolete stateEnd check in SEC_ASN1DecoderUpdate. - - Bug 1756271 - Remove token member from NSSSlot struct. - - Bug 1602379 - Provide secure variants of mpp_pprime and mpp_make_prime. - - Bug 1757279 - Support UTF-8 library path in the module spec string. - - Bug 1396616 - Update nssUTF8_Length to RFC 3629 and fix buffer overrun. - - Bug 1760827 - Add a CI Target for gcc-11. - - Bug 1760828 - Change to makefiles for gcc-4.8. - - Bug 1741688 - Update googletest to 1.11.0 - - Bug 1759525 - Add SetTls13GreaseEchSize to experimental API. - - Bug 1755264 - TLS 1.3 Illegal legacy_version handling/alerts. - - Bug 1755904 - Fix calculation of ECH HRR Transcript. - - Bug 1758741 - Allow ld path to be set as environment variable. - - Bug 1760653 - Ensure we don't read uninitialized memory in ssl gtests. - - Bug 1758478 - Fix DataBuffer Move Assignment. - - Bug 1552254 - internal_error alert on Certificate Request with sha1+ecdsa in TLS 1.3 - - Bug 1755092 - rework signature verification in mozilla::pkix + - Bug 1755264 - Added TLS 1.3 zero-length inner plaintext checks and tests, zero-length record/fragment handling tests. + - Bug 1294978 - Reworked overlong record size checks and added TLS1.3 specific boundaries. + - Bug 1763120 - Add ECH Grease Support to tstclnt + - Bug 1765003 - Add a strict variant of moz::pkix::CheckCertHostname. + - Bug 1166338 - Change SSL_REUSE_SERVER_ECDHE_KEY default to false. + - Bug 1760813 - Make SEC_PKCS12EnableCipher succeed + - Bug 1762489 - Update zlib in NSS to 1.2.12. diff --git a/doc/rst/releases/nss_3_78.rst b/doc/rst/releases/nss_3_78.rst new file mode 100644 index 000000000..5b6e1ddea --- /dev/null +++ b/doc/rst/releases/nss_3_78.rst @@ -0,0 +1,64 @@ +.. _mozilla_projects_nss_nss_3_78_release_notes: + +NSS 3.78 release notes +====================== + +`Introduction <#introduction>`__ +-------------------------------- + +.. container:: + + Network Security Services (NSS) 3.78 was released on **28 April 2022**. + + +.. _distribution_information: + +`Distribution Information <#distribution_information>`__ +-------------------------------------------------------- + +.. container:: + + The HG tag is NSS_3_78_RTM. NSS 3.78 requires NSPR 4.32 or newer. + + NSS 3.78 source distributions are available on ftp.mozilla.org for secure HTTPS download: + + - Source tarballs: + https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_78_RTM/src/ + + Other releases are available :ref:`mozilla_projects_nss_releases`. + +.. _changes_in_nss_3.78: + +`Changes in NSS 3.78 <#changes_in_nss_3.78>`__ +---------------------------------------------------- + +.. container:: + + - Bug 1755264 - Added TLS 1.3 zero-length inner plaintext checks and tests, zero-length record/fragment handling tests. + - Bug 1294978 - Reworked overlong record size checks and added TLS1.3 specific boundaries. + - Bug 1763120 - Add ECH Grease Support to tstclnt + - Bug 1765003 - Add a strict variant of moz::pkix::CheckCertHostname. + - Bug 1166338 - Change SSL_REUSE_SERVER_ECDHE_KEY default to false. + - Bug 1760813 - Make SEC_PKCS12EnableCipher succeed + - Bug 1762489 - Update zlib in NSS to 1.2.12. + + +`Compatibility <#compatibility>`__ +---------------------------------- + +.. container:: + + NSS 3.78 shared libraries are backwards-compatible with all older NSS 3.x shared + libraries. A program linked with older NSS 3.x shared libraries will work with + this new version of the shared libraries without recompiling or + relinking. Furthermore, applications that restrict their use of NSS APIs to the + functions listed in NSS Public Functions will remain compatible with future + versions of the NSS shared libraries. + +`Feedback <#feedback>`__ +------------------------ + +.. container:: + + Bugs discovered should be reported by filing a bug report on + `bugzilla.mozilla.org <https://bugzilla.mozilla.org/enter_bug.cgi?product=NSS>`__ (product NSS). |