[ANNOUNCE] NSS 3.44.3 and 3.47.1 Releases

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[ANNOUNCE] NSS 3.44.3 and 3.47.1 Releases

J.C. Jones-2
The NSS Development Team announces multiple patch releases:

NSS 3.44.3 for NSS 3.44
NSS 3.47.1 for NSS 3.47

No new functionality is introduced in these releases. Users are encouraged to
upgrade.

The NSS team would like to recognize first-time contributors:

* Craig Disselkoen


NSS 3.44.3 includes:

* CVE-2019-11745 - EncryptUpdate should use maxout, not block size
* Bug 1579060 - Don’t set the CONSTRUCTED bit for issuerUniqueID and subjectUniqueID in mozilla::pkix


NSS 3.47.1 includes:

* CVE-2019-11745 - EncryptUpdate should use maxout, not block size
* Bug 1590495 - Fix a crash that could be caused by client certificates during startup
* Bug 1589810 - Fix compile-time warnings from uninitialized variables in a perl script


NSS 3.44.3 requires NSPR 4.21 or newer. The HG tag is NSS_3_44_3_RTM.

NSS 3.44.3 source distributions are available on ftp.mozilla.org for secure HTTPS download: https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_44_3_RTM/src/

Full release notes are available at https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.44.3_release_notes


NSS 3.47.1 requires NSPR 4.23 or newer. The HG tag is NSS_3_47_1_RTM.

NSS 3.47.1 source distributions are available on ftp.mozilla.org for secure HTTPS download: https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_47_1_RTM/src/

Full release notes are available at https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.47.1_release_notes
--
dev-tech-crypto mailing list
[hidden email]
https://lists.mozilla.org/listinfo/dev-tech-crypto