On Mon, 2014-10-27 at 14:59 +0100, Kai Engert wrote:
The NSS Development Team announces the release of NSS 3.16.2.3
Network Security Services (NSS) 3.16.2.3 is a patch release
for NSS 3.16, to fix a regression.
Sorry, this paragraph should have said:
Network Security Services (NSS) 3.16.2.3 is a patch release
for NSS 3.16. It fixes a bug and contains a backport of the
TLS_FALLBACK_SCSV feature, which was originally made available in NSS
3.17.1.
New functionality:
* TLS_FALLBACK_SCSV is a signaling cipher suite value that indicates a
handshake is the result of TLS version fallback.
New Macros:
* SSL_ENABLE_FALLBACK_SCSV - an SSL socket option that enables
TLS_FALLBACK_SCSV. Off by default.
* SSL_ERROR_INAPPROPRIATE_FALLBACK_ALERT - a new SSL error code.
* TLS_FALLBACK_SCSV - a a signaling cipher suite value that indicates a
handshake is the result of TLS version fallback.
The following bug has been resolved in NSS 3.16.2.3:
* Bug 1057161 - NSS hangs with 100% CPU on invalid EC key
* Bug 1036735 - Add support for draft-ietf-tls-downgrade-scsv
The full release notes are available at
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.16.2.3_release_notes
The HG tag is NSS_3_16_2_3_RTM. NSS 3.16.2.3 requires NSPR 4.10.6 or
newer.
NSS 3.16.2.3 source distributions are also available on ftp.mozilla.org
for secure HTTPS download:
https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_16_2_3_RTM/src/
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
