summaryrefslogtreecommitdiffstats
path: root/security/nss/doc
diff options
context:
space:
mode:
Diffstat (limited to 'security/nss/doc')
-rw-r--r--security/nss/doc/rst/releases/index.rst39
-rw-r--r--security/nss/doc/rst/releases/nss_3_99.rst62
2 files changed, 75 insertions, 26 deletions
diff --git a/security/nss/doc/rst/releases/index.rst b/security/nss/doc/rst/releases/index.rst
index 5ac6cb4bb0..865aad277a 100644
--- a/security/nss/doc/rst/releases/index.rst
+++ b/security/nss/doc/rst/releases/index.rst
@@ -8,6 +8,7 @@ Releases
:glob:
:hidden:
+ nss_3_99.rst
nss_3_98.rst
nss_3_97.rst
nss_3_96_1.rst
@@ -63,37 +64,23 @@ Releases
.. note::
- **NSS 3.98** is the latest version of NSS.
- Complete release notes are available here: :ref:`mozilla_projects_nss_nss_3_98_release_notes`
+ **NSS 3.99** is the latest version of NSS.
+ Complete release notes are available here: :ref:`mozilla_projects_nss_nss_3_99_release_notes`
**NSS 3.90.2 (ESR)** is the latest version of NSS.
Complete release notes are available here: :ref:`mozilla_projects_nss_nss_3_90_2_release_notes`
.. container::
- Changes in 3.98 included in this release:
+ Changes in 3.99 included in this release:
- - Bug 1780432 - (CVE-2023-5388) Timing attack against RSA decryption in TLS.
- - Bug 1879513 - Certificate Compression: enabling the check that the compression was advertised.
- - Bug 1831552 - Move Windows workers to nss-1/b-win2022-alpha.
- - Bug 1879945 - Remove Email trust bit from OISTE WISeKey Global Root GC CA.
- - Bug 1877344 - Replace `distutils.spawn.find_executable` with `shutil.which` within `mach` in `nss`.
- - Bug 1548723 - Certificate Compression: Updating nss_bogo_shim to support Certificate compression.
- - Bug 1548723 - TLS Certificate Compression (RFC 8879) Implementation.
- - Bug 1875356 - Add valgrind annotations to freebl kyber operations for constant-time execution tests.
- - Bug 1870673 - Set nssckbi version number to 2.66.
- - Bug 1874017 - Add Telekom Security roots.
- - Bug 1873095 - Add D-Trust 2022 S/MIME roots.
- - Bug 1865450 - Remove expired Security Communication RootCA1 root.
- - Bug 1876179 - move keys to a slot that supports concatenation in PK11_ConcatSymKeys.
- - Bug 1876800 - remove unmaintained tls-interop tests.
- - Bug 1874937 - bogo: add support for the -ipv6 and -shim-id shim flags.
- - Bug 1874937 - bogo: add support for the -curves shim flag and update Kyber expectations.
- - Bug 1874937 - bogo: adjust expectation for a key usage bit test.
- - Bug 1757758 - mozpkix: add option to ignore invalid subject alternative names.
- - Bug 1841029 - Fix selfserv not stripping `publicname:` from -X value.
- - Bug 1876390 - take ownership of ecckilla shims.
- - Bug 1874458 - add valgrind annotations to freebl/ec.c.
- - Bug 864039 - PR_INADDR_ANY needs PR_htonl before assignment to inet.ip.
- - Bug 1875965 - Update zlib to 1.3.1.
+ - Bug 1325335 - Removing check for message len in ed25519
+ - Bug 1884276 - add ed25519 to SECU_ecName2params.
+ - Bug 1325335 - add EdDSA wycheproof tests.
+ - Bug 1325335 - nss/lib layer code for EDDSA.
+ - Bug 1325335 - Adding EdDSA implementation.
+ - Bug 1881027 - Exporting Certificate Compression types
+ - Bug 1880857 - Updating ACVP docker to rust 1.74
+ - Bug 1325335 - Updating HACL* to 0f136f28935822579c244f287e1d2a1908a7e552
+ - Bug 1877730 - Add NSS_CMSRecipient_IsSupported.
diff --git a/security/nss/doc/rst/releases/nss_3_99.rst b/security/nss/doc/rst/releases/nss_3_99.rst
new file mode 100644
index 0000000000..e4107700cf
--- /dev/null
+++ b/security/nss/doc/rst/releases/nss_3_99.rst
@@ -0,0 +1,62 @@
+.. _mozilla_projects_nss_nss_3_99_release_notes:
+
+NSS 3.99 release notes
+========================
+
+`Introduction <#introduction>`__
+--------------------------------
+
+.. container::
+
+ Network Security Services (NSS) 3.99 was released on *15th March 2024**.
+
+`Distribution Information <#distribution_information>`__
+--------------------------------------------------------
+
+.. container::
+
+ The HG tag is NSS_3_99_RTM. NSS 3.99 requires NSPR 4.35 or newer.
+
+ NSS 3.99 source distributions are available on ftp.mozilla.org for secure HTTPS download:
+
+ - Source tarballs:
+ https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_99_RTM/src/
+
+ Other releases are available :ref:`mozilla_projects_nss_releases`.
+
+.. _changes_in_nss_3.99:
+
+`Changes in NSS 3.99 <#changes_in_nss_3.99>`__
+------------------------------------------------------------------
+
+.. container::
+
+ - Bug 1325335 - Removing check for message len in ed25519
+ - Bug 1884276 - add ed25519 to SECU_ecName2params.
+ - Bug 1325335 - add EdDSA wycheproof tests.
+ - Bug 1325335 - nss/lib layer code for EDDSA.
+ - Bug 1325335 - Adding EdDSA implementation.
+ - Bug 1881027 - Exporting Certificate Compression types
+ - Bug 1880857 - Updating ACVP docker to rust 1.74
+ - Bug 1325335 - Updating HACL* to 0f136f28935822579c244f287e1d2a1908a7e552
+ - Bug 1877730 - Add NSS_CMSRecipient_IsSupported.
+
+`Compatibility <#compatibility>`__
+----------------------------------
+
+.. container::
+
+ NSS 3.99 shared libraries are backwards-compatible with all older NSS 3.x shared
+ libraries. A program linked with older NSS 3.x shared libraries will work with
+ this new version of the shared libraries without recompiling or
+ relinking. Furthermore, applications that restrict their use of NSS APIs to the
+ functions listed in NSS Public Functions will remain compatible with future
+ versions of the NSS shared libraries.
+
+`Feedback <#feedback>`__
+------------------------
+
+.. container::
+
+ Bugs discovered should be reported by filing a bug report on
+ `bugzilla.mozilla.org <https://bugzilla.mozilla.org/enter_bug.cgi?product=NSS>`__ (product NSS).