NSS 3.65 release notes

Introduction

Network Security Services (NSS) 3.65 was released on 13 May 2021.

Distribution Information

The HG tag is NSS_3_65_RTM. NSS 3.65 requires NSPR 4.30 or newer.

NSS 3.65 source distributions are available on ftp.mozilla.org for secure HTTPS download:

Other releases are available in NSS Releases.

Bugs fixed in NSS 3.65

  • Bug 1709654 - Update for NetBSD configuration.
  • Bug 1709750 - Disable HPKE test when fuzzing.
  • Bug 1566124 - Optimize AES-GCM for ppc64le.
  • Bug 1699021 - Add AES-256-GCM to HPKE.
  • Bug 1698419 - ECH -10 updates.
  • Bug 1692930 - Update HPKE to final version.
  • Bug 1707130 - NSS should use modern algorithms in PKCS#12 files by default.
  • Bug 1703936 - New coverity/cpp scanner errors.
  • Bug 1697303 - NSS needs to update it's csp clearing to FIPS 180-3 standards.
  • Bug 1702663 - Need to support RSA PSS with Hashing PKCS #11 Mechanisms.
  • Bug 1705119 - Deadlock when using GCM and non-thread safe tokens.

Compatibility

NSS 3.65 shared libraries are backwards-compatible with all older NSS 3.x shared libraries. A program linked with older NSS 3.x shared libraries will work with NSS 3.65 shared libraries without recompiling or relinking. Furthermore, applications that restrict their use of NSS APIs to the functions listed in NSS Public Functions will remain compatible with future versions of the NSS shared libraries.

Feedback

Bugs discovered should be reported by filing a bug report on bugzilla.mozilla.org (product NSS).

Notes

This version of NSS contains a number of contributions for "unsupported platforms". We would like to thank the authors and the reviewers for their contributions to NSS.

Discussions about moving the documentation are still ongoing. (See discussion in the 3.62 release notes.)