blob: 0b2a546c8abdd7b6b8dac769adf8db944e898b00 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
|
.. _:
NSS 3.12.9 release notes
========================
.. _removed_functions:
`Removed functions <#removed_functions>`__
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. container::
2010-09-23
*Newsgroup:*\ `mozilla.dev.tech.crypto <news://news.mozilla.org/mozilla.dev.tech.crypto>`__
.. container::
:name: section_1
.. rubric:: Introduction
:name: Introduction_2
Network Security Services (NSS) 3.12.9 is a patch release for NSS 3.12. The bug fixes in NSS
3.12.9 are described in the "\ `Bugs Fixed <#bugsfixed>`__" section below.
NSS 3.12.9 is tri-licensed under the MPL 1.1/GPL 2.0/LGPL 2.1.
.. container::
:name: section_2
.. rubric:: Distribution Information
:name: Distribution_Information
| The CVS tag for the NSS 3.12.9 release is ``NSS_3.12.9_RTM``. NSS 3.12.9 requires `NSPR
4.8.7 <https://www.mozilla.org/projects/nspr/release-notes/nspr486.html>`__.
| See the `Documentation <#docs>`__ section for the build instructions.
NSS 3.12.9 source distribution is also available on ``ftp.mozilla.org`` for secure HTTPS
download:
- Source tarballs:
https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3.12.9_RTM/src/.
You also need to download the NSPR 4.8.7 binary distributions to get the NSPR 4.8.7 header
files and shared libraries, which NSS 3.12.9 requires. NSPR 4.8.7 binary distributions are in
https://ftp.mozilla.org/pub/mozilla.org/nspr/releases/v4.8.7/.
.. container::
:name: section_3
.. rubric:: New in NSS 3.12.9
:name: New_in_NSS_3.12.9
.. container::
:name: section_5
.. container::
:name: section_6
.. rubric:: New SSL options
:name: New_SSL_options
.. container::
:name: section_7
.. rubric:: New error codes
:name: New_error_codes
.. container::
:name: section_8
.. rubric:: Bugs Fixed
:name: Bugs_Fixed
The following bugs have been fixed in NSS 3.12.9.
- `Bug 609068 <https://bugzilla.mozilla.org/show_bug.cgi?id=609068>`__: Implement J-PAKE in
FreeBL
- `Bug 607058 <https://bugzilla.mozilla.org/show_bug.cgi?id=607058>`__: crash [@
nss_cms_decoder_work_data]
- `Bug 613394 <https://bugzilla.mozilla.org/show_bug.cgi?id=613394>`__: November/December
2010 batch of NSS root CA changes
- `Bug 610843 <https://bugzilla.mozilla.org/show_bug.cgi?id=610843>`__: Need way to recover
softoken in child after fork()
- `Bug 617492 <https://bugzilla.mozilla.org/show_bug.cgi?id=617492>`__: Add
PK11_KeyGenWithTemplate function to pk11wrap (for Firefox Sync)
- `Bug 610162 <https://bugzilla.mozilla.org/show_bug.cgi?id=610162>`__: SHA-512 and SHA-384
hashes are incorrect for inputs of 512MB or larger when running under Windows and other
32-bit platforms (Fx 3.6.12 and 4.0b6)
- `Bug 518551 <https://bugzilla.mozilla.org/show_bug.cgi?id=518551>`__: Vfychain crashes in
PKITS tests.
- `Bug 536485 <https://bugzilla.mozilla.org/show_bug.cgi?id=536485>`__: crash during ssl
handshake in [@ intel_aes_decrypt_cbc_256]
- `Bug 444367 <https://bugzilla.mozilla.org/show_bug.cgi?id=444367>`__: NSS 3.12 softoken
returns the certificate type of a certificate object as CKC_X_509_ATTR_CERT.
- `Bug 620908 <https://bugzilla.mozilla.org/show_bug.cgi?id=620908>`__: certutil -T -d
"sql:." dumps core
- `Bug 584257 <https://bugzilla.mozilla.org/show_bug.cgi?id=584257>`__: Need a way to expand
partial private keys.
- `Bug 596798 <https://bugzilla.mozilla.org/show_bug.cgi?id=596798>`__: win_rand.c (among
others) uses unsafe \_snwprintf
- `Bug 597622 <https://bugzilla.mozilla.org/show_bug.cgi?id=597622>`__: Do not use the
SEC_ERROR_BAD_INFO_ACCESS_LOCATION error code for bad CRL distribution point URLs
- `Bug 619268 <https://bugzilla.mozilla.org/show_bug.cgi?id=619268>`__: Memory leaks in
CERT_ChangeCertTrust and CERT_SaveSMimeProfile
- `Bug 585518 <https://bugzilla.mozilla.org/show_bug.cgi?id=585518>`__: AddTrust Qualified CA
Root serial wrong in certdata.txt trust entry
- `Bug 337433 <https://bugzilla.mozilla.org/show_bug.cgi?id=337433>`__: Need
CERT_FindCertByNicknameOrEmailAddrByUsage
- `Bug 592939 <https://bugzilla.mozilla.org/show_bug.cgi?id=592939>`__: Expired CAs in
certdata.txt
.. container::
:name: section_9
.. rubric:: Documentation
:name: Documentation
NSS Documentation. New and revised documents available since the release of NSS 3.11 include
the following:
- `Build Instructions for NSS 3.11.4 and
above <https://www-archive.mozilla.org/projects/security/pki/nss/nss-3.11.4/nss-3.11.4-build>`__
- `NSS Shared DB <http://wiki.mozilla.org/NSS_Shared_DB>`__
.. container::
:name: section_10
.. rubric:: Compatibility
:name: Compatibility
NSS 3.12.9 shared libraries are backward compatible with all older NSS 3.x shared libraries. A
program linked with older NSS 3.x shared libraries will work with NSS 3.12.9 shared libraries
without recompiling or relinking. Furthermore, applications that restrict their use of NSS
APIs to the functions listed in `NSS Public Functions </en-US/ref/nssfunctions.html>`__ will
remain compatible with future versions of the NSS shared libraries.
.. container::
:name: section_11
.. rubric:: Feedback
:name: Feedback
Bugs discovered should be reported by filing a bug report with `mozilla.org
Bugzilla <https://bugzilla.mozilla.org/>`__ (product NSS).
|
