The NSS team has released Network Security Services (NSS) 3.29.1
No new functionality is introduced in this release.
This is a patch release to fix binary compatibility issues.
NSS version 3.28, 3.28.1, 3.28.2 and 3.29 contained changes that were in
violation with the NSS compatibility promise.
ECParams, which is part of the public API of the freebl/softokn parts of NSS,
had been changed to include an additional attribute. That size increase caused
crashes or malfunctioning with applications that use that data structure
directly, or indirectly through ECPublicKey, ECPrivateKey, NSSLOWKEYPublicKey,
NSSLOWKEYPrivateKey, or potentially other data structures that reference
ECParams. The change has been reverted to the original state in bug 1334108.
SECKEYECPublicKey had been extended with a new attribute, named "encoding". If
an application passed type SECKEYECPublicKey to NSS (as part of
SECKEYPublicKey), the NSS library read the uninitialized attribute. With this
NSS release SECKEYECPublicKey.encoding is deprecated. NSS no longer reads the
attribute, and will always set it to ECPoint_Undefined. See bug 1340103.
(Note that NSS 3.28.3 from the older NSS 3.28.x branch has also been released
with the identical fixes.)