Opened 9 months ago
Closed 9 months ago
New minor version.
Notable Changes in NSS 3.59
Exported two existing functions from libnss, CERT_AddCertToListHeadWithData and CERT_AddCertToListTailWithData
NSS will soon require GCC 4.8 or newer. Gyp-based builds will stop supporting older GCC versions first, followed a few releases later by the make-based builds. Users of older GCC versions can continue to use the make-based build system while they upgrade to newer versions of GCC.
Bugs fixed in NSS 3.59
Bug 1607449 - Lock cert->nssCertificate to prevent a potential data race
Bug 1672823 - Add Wycheproof test cases for HMAC, HKDF, and DSA
Bug 1663661 - Guard against NULL token in nssSlot_IsTokenPresent
Bug 1670835 - Support enabling and disabling signatures via Crypto Policy
Bug 1672291 - Resolve libpkix OCSP failures on SHA1 self-signed root certs when SHA1 signatures are disabled.
Bug 1644209 - Fix broken SelectedCipherSuiteReplacer filter to solve some test intermittents
Bug 1672703 - Tolerate the first CCS in TLS 1.3 to fix a regression in our CVE-2020-25648 fix that broke purple-discord
Bug 1666891 - Support key wrap/unwrap with RSA-OAEP
Bug 1667989 - Fix gyp linking on Solaris
Bug 1668123 - Export CERT_AddCertToListHeadWithData and CERT_AddCertToListTailWithData from libnss
Bug 1634584 - Set CKA_NSS_SERVER_DISTRUST_AFTER for Trustis FPS Root CA
Bug 1663091 - Remove unnecessary assertions in the streaming ASN.1 decoder that affected decoding certain PKCS8 private keys when using NSS debug builds
Bug 1670839 - Use ARM crypto extension for AES, SHA1 and SHA2 on MacOS.
This Bugzilla query returns all the bugs fixed in NSS 3.59:
Fixed at r23908
Powered by Trac 1.5.3.dev0
By Edgewall Software
© 1998-2021 Gerard Beekmans.