diff options
Diffstat (limited to 'nss/doc/rst')
| -rw-r--r-- | nss/doc/rst/releases/index.rst | 47 | ||||
| -rw-r--r-- | nss/doc/rst/releases/nss_3_100.rst | 64 | ||||
| -rw-r--r-- | nss/doc/rst/releases/nss_3_101.rst | 82 |
3 files changed, 180 insertions, 13 deletions
diff --git a/nss/doc/rst/releases/index.rst b/nss/doc/rst/releases/index.rst index 865aad2..9ab138f 100644 --- a/nss/doc/rst/releases/index.rst +++ b/nss/doc/rst/releases/index.rst @@ -8,6 +8,8 @@ Releases :glob: :hidden: + nss_3_101.rst + nss_3_100.rst nss_3_99.rst nss_3_98.rst nss_3_97.rst @@ -64,23 +66,42 @@ Releases .. note:: - **NSS 3.99** is the latest version of NSS. - Complete release notes are available here: :ref:`mozilla_projects_nss_nss_3_99_release_notes` + **NSS 3.101** is the latest version of NSS. + Complete release notes are available here: :ref:`mozilla_projects_nss_nss_3_101_release_notes` **NSS 3.90.2 (ESR)** is the latest version of NSS. Complete release notes are available here: :ref:`mozilla_projects_nss_nss_3_90_2_release_notes` .. container:: - Changes in 3.99 included in this release: - - - Bug 1325335 - Removing check for message len in ed25519 - - Bug 1884276 - add ed25519 to SECU_ecName2params. - - Bug 1325335 - add EdDSA wycheproof tests. - - Bug 1325335 - nss/lib layer code for EDDSA. - - Bug 1325335 - Adding EdDSA implementation. - - Bug 1881027 - Exporting Certificate Compression types - - Bug 1880857 - Updating ACVP docker to rust 1.74 - - Bug 1325335 - Updating HACL* to 0f136f28935822579c244f287e1d2a1908a7e552 - - Bug 1877730 - Add NSS_CMSRecipient_IsSupported. + Changes in 3.101 included in this release: + - Bug 1900413 - add diagnostic assertions for SFTKObject refcount. + - Bug 1899759 - freeing the slot in DeleteCertAndKey if authentication failed + - Bug 1899883 - fix formatting issues. + - Bug 1889671 - Add Firmaprofesional CA Root-A Web to NSS. + - Bug 1899593 - remove invalid acvp fuzz test vectors. + - Bug 1898830 - pad short P-384 and P-521 signatures gtests. + - Bug 1898627 - remove unused FreeBL ECC code. r=rrelyea + - Bug 1898830 - pad short P-384 and P-521 signatures. + - Bug 1898825 - be less strict about ECDSA private key length. + - Bug 1854439 - Integrate HACL* P-521. + - Bug 1854438 - Integrate HACL* P-384. + - Bug 1898074 - memory leak in create_objects_from_handles. + - Bug 1898858 - ensure all input is consumed in a few places in mozilla::pkix + - Bug 1884444 - SMIME/CMS and PKCS #12 do not integrate with modern NSS policy + - Bug 1748105 - clean up escape handling + - Bug 1896353 - Use lib::pkix as default validator instead of the old-one + - Bug 1827444 - Need to add high level support for PQ signing. + - Bug 1548723 - Certificate Compression: changing the allocation/freeing of buffer + Improving the documentation + - Bug 1884444 - SMIME/CMS and PKCS #12 do not integrate with modern NSS policy + - Bug 1893404 - Allow for non-full length ecdsa signature when using softoken + - Bug 1830415 - Modification of .taskcluster.yml due to mozlint indent defects + - Bug 1793811 - Implement support for PBMAC1 in PKCS#12 + - Bug 1897487 - disable VLA warnings for fuzz builds. + - Bug 1895032 - remove redundant AllocItem implementation. + - Bug 1893334 - add PK11_ReadDistrustAfterAttribute. + - Bug 215997 - Clang-formatting of SEC_GetMgfTypeByOidTag update + - Bug 1895012 - Set SEC_ERROR_LIBRARY_FAILURE on self-test failure + - Bug 1894572 - sftk_getParameters(): Fix fallback to default variable after error with configfile. + - Bug 1830415 - Switch to the mozillareleases/image_builder image
\ No newline at end of file diff --git a/nss/doc/rst/releases/nss_3_100.rst b/nss/doc/rst/releases/nss_3_100.rst new file mode 100644 index 0000000..11362b3 --- /dev/null +++ b/nss/doc/rst/releases/nss_3_100.rst @@ -0,0 +1,64 @@ +.. _mozilla_projects_nss_nss_3_100_release_notes: + +NSS 3.100 release notes +======================== + +`Introduction <#introduction>`__ +-------------------------------- + +.. container:: + + Network Security Services (NSS) 3.100 was released on *7th May 2024**. + +`Distribution Information <#distribution_information>`__ +-------------------------------------------------------- + +.. container:: + + The HG tag is NSS_3_100_RTM. NSS 3.100 requires NSPR 4.35 or newer. + + NSS 3.100 source distributions are available on ftp.mozilla.org for secure HTTPS download: + + - Source tarballs: + https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_100_RTM/src/ + + Other releases are available :ref:`mozilla_projects_nss_releases`. + +.. _changes_in_nss_3.100: + +`Changes in NSS 3.100 <#changes_in_nss_3.100>`__ +------------------------------------------------------------------ + +.. container:: + + - Bug 1893029 - merge pk11_kyberSlotList into pk11_ecSlotList for faster Xyber operations. + - Bug 1893752 - remove ckcapi. + - Bug 1893162 - avoid a potential PK11GenericObject memory leak. + - Bug 671060 - Remove incomplete ESDH code. + - Bug 215997 - Decrypt RSA OAEP encrypted messages. + - Bug 1887996 - Fix certutil CRLDP URI code. + - Bug 1890069 - Don't set CKA_DERIVE for CKK_EC_EDWARDS private keys. + - Bug 676118: Add ability to encrypt and decrypt CMS messages using ECDH. + - Bug 676100 - Correct Templates for key agreement in smime/cmsasn.c. + - Bug 1548723 - Moving the decodedCert allocation to NSS. + - Bug 1885404 - Allow developers to speed up repeated local execution of NSS tests that depend on certificates. + +`Compatibility <#compatibility>`__ +---------------------------------- + +.. container:: + + NSS 3.100 shared libraries are backwards-compatible with all older NSS 3.x shared + libraries. A program linked with older NSS 3.x shared libraries will work with + this new version of the shared libraries without recompiling or + relinking. Furthermore, applications that restrict their use of NSS APIs to the + functions listed in NSS Public Functions will remain compatible with future + versions of the NSS shared libraries. + +`Feedback <#feedback>`__ +------------------------ + +.. container:: + + Bugs discovered should be reported by filing a bug report on + `bugzilla.mozilla.org <https://bugzilla.mozilla.org/enter_bug.cgi?product=NSS>`__ (product NSS). diff --git a/nss/doc/rst/releases/nss_3_101.rst b/nss/doc/rst/releases/nss_3_101.rst new file mode 100644 index 0000000..d067bff --- /dev/null +++ b/nss/doc/rst/releases/nss_3_101.rst @@ -0,0 +1,82 @@ +.. _mozilla_projects_nss_nss_3_101_release_notes: + +NSS 3.101 release notes +======================== + +`Introduction <#introduction>`__ +-------------------------------- + +.. container:: + + Network Security Services (NSS) 3.101 was released on *6 June 2024**. + +`Distribution Information <#distribution_information>`__ +-------------------------------------------------------- + +.. container:: + + The HG tag is NSS_3_101_RTM. NSS 3.101 requires NSPR 4.35 or newer. + + NSS 3.101 source distributions are available on ftp.mozilla.org for secure HTTPS download: + + - Source tarballs: + https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_101_RTM/src/ + + Other releases are available :ref:`mozilla_projects_nss_releases`. + +.. _changes_in_nss_3.101: + +`Changes in NSS 3.101 <#changes_in_nss_3.101>`__ +------------------------------------------------------------------ + +.. container:: + + - Bug 1900413 - add diagnostic assertions for SFTKObject refcount. + - Bug 1899759 - freeing the slot in DeleteCertAndKey if authentication failed + - Bug 1899883 - fix formatting issues. + - Bug 1889671 - Add Firmaprofesional CA Root-A Web to NSS. + - Bug 1899593 - remove invalid acvp fuzz test vectors. + - Bug 1898830 - pad short P-384 and P-521 signatures gtests. + - Bug 1898627 - remove unused FreeBL ECC code. r=rrelyea + - Bug 1898830 - pad short P-384 and P-521 signatures. + - Bug 1898825 - be less strict about ECDSA private key length. + - Bug 1854439 - Integrate HACL* P-521. + - Bug 1854438 - Integrate HACL* P-384. + - Bug 1898074 - memory leak in create_objects_from_handles. + - Bug 1898858 - ensure all input is consumed in a few places in mozilla::pkix + - Bug 1884444 - SMIME/CMS and PKCS #12 do not integrate with modern NSS policy + - Bug 1748105 - clean up escape handling + - Bug 1896353 - Use lib::pkix as default validator instead of the old-one + - Bug 1827444 - Need to add high level support for PQ signing. + - Bug 1548723 - Certificate Compression: changing the allocation/freeing of buffer + Improving the documentation + - Bug 1884444 - SMIME/CMS and PKCS #12 do not integrate with modern NSS policy + - Bug 1893404 - Allow for non-full length ecdsa signature when using softoken + - Bug 1830415 - Modification of .taskcluster.yml due to mozlint indent defects + - Bug 1793811 - Implement support for PBMAC1 in PKCS#12 + - Bug 1897487 - disable VLA warnings for fuzz builds. + - Bug 1895032 - remove redundant AllocItem implementation. + - Bug 1893334 - add PK11_ReadDistrustAfterAttribute. + - Bug 215997 - Clang-formatting of SEC_GetMgfTypeByOidTag update + - Bug 1895012 - Set SEC_ERROR_LIBRARY_FAILURE on self-test failure + - Bug 1894572 - sftk_getParameters(): Fix fallback to default variable after error with configfile. + - Bug 1830415 - Switch to the mozillareleases/image_builder image + +`Compatibility <#compatibility>`__ +---------------------------------- + +.. container:: + + NSS 3.101 shared libraries are backwards-compatible with all older NSS 3.x shared + libraries. A program linked with older NSS 3.x shared libraries will work with + this new version of the shared libraries without recompiling or + relinking. Furthermore, applications that restrict their use of NSS APIs to the + functions listed in NSS Public Functions will remain compatible with future + versions of the NSS shared libraries. + +`Feedback <#feedback>`__ +------------------------ + +.. container:: + + Bugs discovered should be reported by filing a bug report on + `bugzilla.mozilla.org <https://bugzilla.mozilla.org/enter_bug.cgi?product=NSS>`__ (product NSS). |