diff options
author | John M. Schanck <jschanck@mozilla.com> | 2022-03-25 12:55:55 -0700 |
---|---|---|
committer | John M. Schanck <jschanck@mozilla.com> | 2022-03-25 12:55:55 -0700 |
commit | ca8068169a3ecede482d37712b1ce1ae35cd140d (patch) | |
tree | 0cde772cc01e8e78a4e66f0863a7a9150df0b1c7 /doc | |
parent | 6acf94be82348eeda9e4a5d72edfc9cf4b1860c1 (diff) | |
download | nss-hg-ca8068169a3ecede482d37712b1ce1ae35cd140d.tar.gz |
Release notes for NSS 3.68.3
Diffstat (limited to 'doc')
-rw-r--r-- | doc/rst/releases/nss_3_68_3.rst | 72 |
1 files changed, 72 insertions, 0 deletions
diff --git a/doc/rst/releases/nss_3_68_3.rst b/doc/rst/releases/nss_3_68_3.rst new file mode 100644 index 000000000..f33f3b495 --- /dev/null +++ b/doc/rst/releases/nss_3_68_3.rst @@ -0,0 +1,72 @@ +.. _mozilla_projects_nss_nss_3_68_3_release_notes: + +NSS 3.68.3 (ESR) release notes +============================== + +`Introduction <#introduction>`__ +-------------------------------- + +.. container:: + + Network Security Services (NSS) 3.68.3 (ESR) was released on **28 March 2022**. + +.. _distribution_information: + +`Distribution Information <#distribution_information>`__ +-------------------------------------------------------- + +.. container:: + + The HG tag is NSS_3_68_3_RTM. NSS 3.68.3 requires NSPR 4.32 or newer. + + NSS 3.68.3 source distributions are available on ftp.mozilla.org for secure HTTPS download: + + - Source tarballs: + https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_68_3_RTM/src/ + + Other releases are available :ref:`mozilla_projects_nss_releases`. + +.. _changes_in_nss_3.68.3: + +`Changes in NSS 3.68.3 <#changes_in_nss_3.68.3>`__ +---------------------------------------------------- + +.. container:: + + - Bug 1756271 - Remove token member from NSSSlot struct. + - Bug 1755555 - Hold tokensLock through nssToken_GetSlot calls in nssTrustDomain_GetActiveSlots. + - Bug 1370866 - Check return value of PK11Slot_GetNSSToken. + + + +`Compatibility <#compatibility>`__ +---------------------------------- + +.. container:: + + NSS 3.68.3 shared libraries are backwards-compatible with all older NSS 3.x shared + libraries. A program linked with older NSS 3.x shared libraries will work with + this new version of the shared libraries without recompiling or + relinking. Furthermore, applications that restrict their use of NSS APIs to the + functions listed in NSS Public Functions will remain compatible with future + versions of the NSS shared libraries. + +`Feedback <#feedback>`__ +------------------------ + +.. container:: + + Bugs discovered should be reported by filing a bug report on + `bugzilla.mozilla.org <https://bugzilla.mozilla.org/enter_bug.cgi?product=NSS>`__ (product NSS). + + +`Notes <#notes>`__ +------------------ + +.. container:: + + This release improves the stability of NSS when used in a multi-threaded + environment. In particular, it fixes memory safety violations that can occur + when PKCS#11 tokens are removed while in use (CVE-2022-1097). We presume + that with enough effort these memory safety violations are exploitable. + |