[ANNOUNCE] NSS 3.19.2 Release


[ANNOUNCE] NSS 3.19.2 Release

Ryan Sleevi
The NSS Development Team announces the release of NSS 3.19.2

Network Security Services (NSS) is a patch release for NSS 3.19.

No new functionality is introduced in this release. This release addresses
a backwards compatibility issue with the NSS 3.19.1 release.

Notable Changes:
* In NSS 3.19.1, the minimum key sizes that the freebl cryptographic
implementation (part of the softoken cryptographic module used by default
by NSS) was willing to generate or use were increased - for RSA keys, to
512 bits, and for DH keys, 1023 bits. This was done as part of a security
fix for Bug 1138554 / CVE-2015-4000. Applications that requested or
attempted to use keys smaller than the minimum size would fail. However,
this change in behaviour unintentionally broke existing NSS applications
that need to generate or use such keys, via APIs such as
SECKEY_CreateRSAPrivateKey or SECKEY_CreateDHPrivateKey.

In NSS 3.19.2, this change in freebl behaviour has been reverted. The fix
for Bug 1138554 has been moved to libssl, and will now only affect the
minimum keystrengths used in SSL/TLS.


The full release notes are available at
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.2_release_notes

In addition to this release, the release notes for NSS 3.19 and NSS 3.19.1
have been updated to highlight that both releases contain important
security fixes - CVE-2015-2721 in NSS 3.19, CVE-2015-4000 in NSS 3.19.1.

The updated release notes for NSS 3.19 are available at
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19_release_notes

The updated release notes for NSS 3.19.1 are available at
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.1_release_notes


The HG tag for NSS 3.19.2 is NSS_3_19_2_RTM. NSS 3.19.2 requires NSPR
4.10.8 or newer.

NSS 3.19.2 source distributions are available on ftp.mozilla.org for
secure HTTPS download:
https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_19_2_RTM/src/

A complete list of all bugs resolved in this release can be obtained at
https://bugzilla.mozilla.org/buglist.cgi?resolution=FIXED&classification=Components&query_format=advanced&product=NSS&target_milestone=3.19.2

--
dev-tech-crypto mailing list
[hidden email]
https://lists.mozilla.org/listinfo/dev-tech-crypto

Re: [ANNOUNCE] NSS 3.19.2 Release

Opa114-2
On Saturday, 20 June 2015 04:04:34 UTC+2, Ryan Sleevi wrote:

> The NSS Development Team announces the release of NSS 3.19.2
>
> Network Security Services (NSS) is a patch release for NSS 3.19.
>
> No new functionality is introduced in this release. This release addresses
> a backwards compatibility issue with the NSS 3.19.1 release.
>
> Notable Changes:
> * In NSS 3.19.1, the minimum key sizes that the freebl cryptographic
> implementation (part of the softoken cryptographic module used by default
> by NSS) was willing to generate or use were increased - for RSA keys, to
> 512 bits, and for DH keys, 1023 bits. This was done as part of a security
> fix for Bug 1138554 / CVE-2015-4000. Applications that requested or
> attempted to use keys smaller than the minimum size would fail. However,
> this change in behaviour unintentionally broke existing NSS applications
> that need to generate or use such keys, via APIs such as
> SECKEY_CreateRSAPrivateKey or SECKEY_CreateDHPrivateKey.
>
> In NSS 3.19.2, this change in freebl behaviour has been reverted. The fix
> for Bug 1138554 has been moved to libssl, and will now only affect the
> minimum keystrengths used in SSL/TLS.
>
>
> The full release notes are available at
> https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.2_release_notes
>
> In addition to this release, the release notes for NSS 3.19 and NSS 3.19.1
> have been updated to highlight that both releases contain important
> security fixes - CVE-2015-2721 in NSS 3.19, CVE-2015-4000 in NSS 3.19.1.
>
> The updated release notes for NSS 3.19 are available at
> https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19_release_notes
>
> The updated release notes for NSS 3.19.1 are available at
> https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.1_release_notes
>
>
> The HG tag for NSS 3.19.2 is NSS_3_19_2_RTM. NSS 3.19.2 requires NSPR
> 4.10.8 or newer.
>
> NSS 3.19.2 source distributions are available on ftp.mozilla.org for
> secure HTTPS download:
> https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_19_2_RTM/src/
>
> A complete list of all bugs resolved in this release can be obtained at
> https://bugzilla.mozilla.org/buglist.cgi?resolution=FIXED&classification=Components&query_format=advanced&product=NSS&target_milestone=3.19.2

Very nice. But can you tell me when JSS will be optimized and ported to a newer version of NSS? JSS is at the moment not usable :(