The NSS team has released Network Security Services (NSS) 3.40,
which is a minor release.
Notable bug fixes:
* Bug 1478698 - FFDHE key exchange sometimes fails with decryption failure
* The draft-00 version of encrypted SNI support is implemented
* tstclnt now takes -N option to specify encrypted SNI key
* The mozilla::pkix library has been ported from Mozilla PSM to NSS.
This is a C++ library for building certification paths.
mozilla::pkix APIs are not exposed in the libraries NSS builds.
* It is easier to build NSS on Windows in mozilla-build environments.
* The following CA certificates were Removed:
CN = Visa eCommerce Root