The NSS team has released Network Security Services (NSS) 3.42 on 25 January 2019, which is a minor release.
Distribution Information: The HG tag is NSS_3_42_RTM. NSS 3.42 requires NSPR 4.20 or newer. NSS 3.42 source distributions are available on ftp.mozilla.org for secure HTTPS download: https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_42_RTM/src/ New Functionality: * Bug 818686 - Support XDG basedir specification Notable changes: * Added support for some of the testcases from the Wycheproof project: - Bug 1508666 - Added AES-GCM test cases - Bug 1508673 - Added ChaCha20-Poly1305 test cases - Bug 1514999 - Added the Curve25519 test cases - Thanks to Jonas Allmann for adapting these tests. Bugs fixed in NSS 3.42: * Bug 1490006 - Reject invalid CH.legacy_version in TLS 1.3 * Bug 1507135 and Bug 1507174 - Add additional null checks to several CMS functions to fix a rare CMS crash. Thanks to Hanno Böck and Damian Poddebniak for the discovery and fixes. * Bug 1513913 - A fix for Solaris where Firefox 60 core dumps during start when using profile from version 52 Please refer to the release notes for the complete list of changes: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.42_release_notes A complete list of all bugs resolved in this release can be obtained at https://bugzilla.mozilla.org/buglist.cgi?resolution=FIXED&product=NSS&target_milestone=3.42 -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto