[ANNOUNCE] NSS 3.44.4 and 3.52.1 Releases

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[ANNOUNCE] NSS 3.44.4 and 3.52.1 Releases

JC Jones
The NSS Development Team announces multiple security patch releases: 

NSS 3.44.4 for NSS 3.44
NSS 3.52.1 for NSS 3.52

No new functionality is introduced in these releases. These releases fix a 
security issue; users are encouraged to upgrade. 

 - Bug 1631576 (CVE-2020-12399) - Force a fixed length for DSA exponentiation

Thank you to Cesar Pereida Garcia and the Network and Information Security Group (NISEC) at Tampere University for reporting this issue.


NSS 3.52.1 requires NSPR 4.25 or newer. The HG tag is NSS_3_52_1_RTM. 

NSS 3.52.1 source distributions are available on ftp.mozilla.org for secure HTTPS download: https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_52_1_RTM/src/

Full release notes are available at https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.52.1_release_notes


NSS 3.44.4 requires NSPR 4.21 or newer. The HG tag is NSS_3_44_4_RTM. 

NSS 3.44.4 source distributions are available on ftp.mozilla.org for secure HTTPS download: https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_44_4_RTM/src/

Full release notes are available at https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.44.4_release_notes
--
dev-tech-crypto mailing list
[hidden email]
https://lists.mozilla.org/listinfo/dev-tech-crypto