Network Security Services (NSS) 3.16.1 is a patch release for NSS 3.16. The bug fixes in NSS 3.16.1 are described in the "Bugs Fixed" section below.
The HG tag is NSS_3_16_1_RTM. NSS 3.16.1 requires NSPR 4.10.5 or newer.
NSS 3.16.1 source distributions are available on ftp.mozilla.org for secure HTTPS download:
- Added the "ECC" flag for modutil to select the module used for elliptic curve cryptography (ECC) operations.
- in pk11pub.h
- PK11_ExportDERPrivateKeyInfo and PK11_ExportPrivKeyInfo - exports a private key in a DER-encoded ASN.1 PrivateKeyInfo type or a SECKEYPrivateKeyInfo structure. Only RSA private keys are supported now.
- in secmod.h
- SECMOD_InternalToPubMechFlags - converts from NSS-internal to public representation of mechanism flags.
- in sslt.h
- ssl_padding_xtn - the value of this enum constant changed from the experimental value 35655 to the IANA-assigned value 21. .
- in secmod.h
- PUBLIC_MECH_ECC_FLAG - a public mechanism flag for elliptic curve cryptography (ECC) operations.
- in utilmodt.h
- SECMOD_ECC_FLAG - an NSS-internal mechanism flag for elliptic curve cryptography (ECC) operations. This macro has the same numeric value as PUBLIC_MECH_ECC_FLAG.
- Imposed name constraints on the French government root CA ANSSI (DCISS).
This Bugzilla query returns all the bugs fixed in NSS 3.16.1: