From 36d22d82aa202bb199967e9512281e9a53db42c9 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 7 Apr 2024 21:33:14 +0200 Subject: Adding upstream version 115.7.0esr. Signed-off-by: Daniel Baumann --- security/nss/doc/rst/releases/nss_3_88.rst | 82 ++++++++++++++++++++++++++++++ 1 file changed, 82 insertions(+) create mode 100644 security/nss/doc/rst/releases/nss_3_88.rst (limited to 'security/nss/doc/rst/releases/nss_3_88.rst') diff --git a/security/nss/doc/rst/releases/nss_3_88.rst b/security/nss/doc/rst/releases/nss_3_88.rst new file mode 100644 index 0000000000..188bbfbf3d --- /dev/null +++ b/security/nss/doc/rst/releases/nss_3_88.rst @@ -0,0 +1,82 @@ +.. _mozilla_projects_nss_nss_3_88_release_notes: + +NSS 3.88 release notes +====================== + +`Introduction <#introduction>`__ +-------------------------------- + +.. container:: + + Network Security Services (NSS) 3.88 was released on *9 February 2023**. + + +.. _distribution_information: + +`Distribution Information <#distribution_information>`__ +-------------------------------------------------------- + +.. container:: + + The HG tag is NSS_3_88_RTM. NSS 3.88 requires NSPR 4.35 or newer. + + NSS 3.88 source distributions are available on ftp.mozilla.org for secure HTTPS download: + + - Source tarballs: + https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_88_RTM/src/ + + Other releases are available :ref:`mozilla_projects_nss_releases`. + +.. _changes_in_nss_3.88: + +`Changes in NSS 3.88 <#changes_in_nss_3.88>`__ +---------------------------------------------------- + +.. container:: + + - Bug 1815870 - use a different treeherder symbol for each docker image build task. + - Bug 1815868 - pin an older version of the ubuntu:18.04 and 20.04 docker images + - Bug 1810702 - remove nested table in rst doc + - Bug 1815246 - Export NSS_CMSSignerInfo_GetDigestAlgTag. + - Bug 1812671 - build failure while implicitly casting SECStatus to PRUInt32. r=nss-reviewers,mt + - Bug 1212915 - Add check for ClientHello SID max length. This is tested by Bogo tests + - Bug 1771100 - Added EarlyData ALPN test support to BoGo shim. + - Bug 1790357 - ECH client - Discard resumption TLS < 1.3 Session(IDs|Tickets) if ECH configs are setup. + - Bug 1714245 - On HRR skip PSK incompatible with negotiated ciphersuites hash algorithm. + - Bug 1789410 - ECH client: Send ech_required alert on server negotiating TLS 1.2. Fixed misleading Gtest, enabled corresponding BoGo test. + - Bug 1771100 - Added Bogo ECH rejection test support. + - Bug 1771100 - Added ECH 0Rtt support to BoGo shim. + - Bug 1747957 - RSA OAEP Wycheproof JSON + - Bug 1747957 - RSA decrypt Wycheproof JSON + - Bug 1747957 - ECDSA Wycheproof JSON + - Bug 1747957 - ECDH Wycheproof JSON + - Bug 1747957 - PKCS#1v1.5 wycheproof json + - Bug 1747957 - Use X25519 wycheproof json + - Bug 1766767 - Move scripts to python3 + - Bug 1809627 - Properly link FuzzingEngine for oss-fuzz. + - Bug 1805907 - Extending RSA-PSS bltest test coverage (Adding SHA-256 and SHA-384) + - Bug 1804091 NSS needs to move off of DSA for integrity checks + - Bug 1805815 - Add initial testing with ACVP vector sets using acvp-rust + - Bug 1806369 - Don't clone libFuzzer, rely on clang instead + + + +`Compatibility <#compatibility>`__ +---------------------------------- + +.. container:: + + NSS 3.88 shared libraries are backwards-compatible with all older NSS 3.x shared + libraries. A program linked with older NSS 3.x shared libraries will work with + this new version of the shared libraries without recompiling or + relinking. Furthermore, applications that restrict their use of NSS APIs to the + functions listed in NSS Public Functions will remain compatible with future + versions of the NSS shared libraries. + +`Feedback <#feedback>`__ +------------------------ + +.. container:: + + Bugs discovered should be reported by filing a bug report on + `bugzilla.mozilla.org `__ (product NSS). -- cgit v1.2.3