[ANNOUNCE] NSS 3.32 Release

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[ANNOUNCE] NSS 3.32 Release

Kai Engert-4
The NSS team has released Network Security Services (NSS) 3.32,
which is a minor release.

Below is a summary of the changes.

Please refer to the full release notes for additional details,
including the SHA256 fingerprints of the changed CA certificates.
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.32_release_notes

Notable Changes:
================
* Various minor improvements and correctness fixes.
* The Code Signing trust bit was turned off for all included root certificates.
* The Websites (TLS/SSL) trust bit was turned off for the following root
  certificates:
  - CN = AddTrust Class 1 CA Root
  - CN = Swisscom Root CA 2
* The following CA certificates were Removed:
  - CN = AddTrust Public CA Root
  - CN = AddTrust Qualified CA Root
  - CN = China Internet Network Information Center EV Certificates Root
  - CN = CNNIC ROOT
  - CN = ComSign Secured CA
  - CN = GeoTrust Global CA 2
  - CN = Secure Certificate Services
  - CN = Swisscom Root CA 1
  - CN = Swisscom Root EV CA 2
  - CN = Trusted Certificate Services
  - CN = UTN-USERFirst-Hardware
  - CN = UTN-USERFirst-Object

The HG tag is NSS_3_32_RTM. NSS 3.32 requires NSPR 4.16 or newer.

NSS 3.32 source distributions are available for secure download:
https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_32_RTM/src/

A complete list of all bugs resolved in this release can be obtained at
https://bugzilla.mozilla.org/buglist.cgi?resolution=FIXED&product=NSS&target_milestone=3.32

--
dev-tech-crypto mailing list
[hidden email]
https://lists.mozilla.org/listinfo/dev-tech-crypto