The NSS Development Team announces multiple security patch releases: * NSS 3.21.4 for NSS 3.21 * NSS 3.28.4 for NSS 3.28 * NSS 3.29.5 for NSS 3.29 * NSS 3.30.1 for NSS 3.30
No new functionality is introduced in these releases. The following security fixes are included. Users are encouraged to upgrade immediately. In NSS 3.21.4, 3.28.4, 3.29.5 and 3.30.1: * Bug 1344380 / CVE-2017-5461 - Out-of-bounds write in Base64 encoding in NSS In NSS 3.21.4, NSS 3.28.4 and 3.29.5: * Bug 1345089 / CVE-2017-5462 - DRBG flaw in NSS In NSS 3.28.4 an additional crash fix was included. NSS source distributions are available on ftp.mozilla.org for secure HTTPS download. NSS 3.21.4 requires NSPR 4.12 or newer. The HG tag is NSS_3_21_4_RTM. The full release notes are available at https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21.4_release_notes Download: https://ftp.mozilla.org/pub/security/nss/releases/NSS_3_21_4_RTM/src/ NSS 3.28.4 requires NSPR 4.13.1 or newer. The HG tag is NSS_3_28_4_RTM. The full release notes are available at https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.28.4_release_notes Download: https://ftp.mozilla.org/pub/security/nss/releases/NSS_3_28_4_RTM/src/ NSS 3.29.5 requires NSPR 4.13.1 or newer. The HG tag is NSS_3_29_5_RTM. The full release notes are available at https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.29.5_release_notes Download: https://ftp.mozilla.org/pub/security/nss/releases/NSS_3_29_5_RTM/src/ NSS 3.30.1 requires NSPR 4.14 or newer. The HG tag is NSS_3_30_1_RTM. The full release notes are available at https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.30.1_release_notes Download: https://ftp.mozilla.org/pub/security/nss/releases/NSS_3_30_1_RTM/src/ -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
