Opened 9 years ago
Closed 9 years ago
#6620 closed enhancement (fixed)
nss-3.19.2
Reported by: | Owned by: | Fernando de Oliveira | |
---|---|---|---|
Priority: | normal | Milestone: | 7.8 |
Component: | BOOK | Version: | SVN |
Severity: | normal | Keywords: | |
Cc: |
Description (last modified by )
New point version.
https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_19_2_RTM/src/nss-3.19.2.tar.gz
https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_19_2_RTM/src/SHA256SUMS
1306663e8f61d8449ad8cbcffab743a604dcd9f6f34232c210847c51dce2c9ae
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.2_release_notes
New in NSS 3.19.2 New Functionality No new functionality is introduced in this release. Notable Changes in NSS 3.19.2 • Bug 1172128 - In NSS 3.19.1, the minimum key sizes that the freebl cryptographic implementation (part of the softoken cryptographic module used by default by NSS) was willing to generate or use was increased - for RSA keys, to 512 bits, and for DH keys, 1023 bits. This was done as part of a security fix for Bug 1138554 / CVE-2015-2721. Applications that requested or attempted to use keys smaller then the minimum size would fail. However, this change in behaviour unintentionally broke existing NSS applications that need to generate or use such keys, via APIs such as SECKEY_CreateRSAPrivateKey or SECKEY_CreateDHPrivateKey. In NSS 3.19.2, this change in freebl behaviour has been reverted. The fix for Bug 1138554 has been moved to libssl, and will now only affect the minimum keystrengths used in SSL/TLS. Note: Future versions of NSS may increase the minimum keysizes required by the freebl module. Consumers of NSS are strongly encouraged to migrate to stronger cryptographic strengths as soon as possible.
Bugs fixed in NSS 3.19.2
This Bugzilla query returns all the bugs fixed in NSS 3.19.2
Change History (3)
comment:1 by , 9 years ago
Description: | modified (diff) |
---|
comment:2 by , 9 years ago
Owner: | changed from | to
---|---|
Status: | new → assigned |
comment:3 by , 9 years ago
Resolution: | → fixed |
---|---|
Status: | assigned → closed |
Note:
See TracTickets
for help on using tickets.
Fixed at r16140.