Opened 8 years ago

Closed 8 years ago

#6620 closed enhancement (fixed)


Reported by: bdubbs@… Owned by: Fernando de Oliveira
Priority: normal Milestone: 7.8
Component: BOOK Version: SVN
Severity: normal Keywords:

Description (last modified by Fernando de Oliveira)

New point version.


New in NSS 3.19.2

New Functionality

No new functionality is introduced in this release.

Notable Changes in NSS 3.19.2

  • Bug 1172128 - In NSS 3.19.1, the minimum key sizes that the freebl
    cryptographic implementation (part of the softoken cryptographic
    module used by default by NSS) was willing to generate or use was
    increased - for RSA keys, to 512 bits, and for DH keys, 1023 bits.
    This was done as part of a security fix for Bug 1138554 /
    CVE-2015-2721. Applications that requested or attempted to use keys
    smaller then the minimum size would fail. However, this change in
    behaviour unintentionally broke existing NSS applications that need
    to generate or use such keys, via APIs such as
    SECKEY_CreateRSAPrivateKey or SECKEY_CreateDHPrivateKey.

    In NSS 3.19.2, this change in freebl behaviour has been reverted.
    The fix for Bug 1138554 has been moved to libssl, and will now only
    affect the minimum keystrengths used in SSL/TLS.

    Note: Future versions of NSS may increase the minimum keysizes
    required by the freebl module. Consumers of NSS are strongly
    encouraged to migrate to stronger cryptographic strengths as soon as

Bugs fixed in NSS 3.19.2

This Bugzilla query returns all the bugs fixed in NSS 3.19.2

Change History (3)

comment:1 by Fernando de Oliveira, 8 years ago

Description: modified (diff)

comment:2 by Fernando de Oliveira, 8 years ago

Owner: changed from blfs-book@… to Fernando de Oliveira
Status: newassigned

comment:3 by Fernando de Oliveira, 8 years ago

Resolution: fixed
Status: assignedclosed

Fixed at r16140.

Note: See TracTickets for help on using tickets.