Source code

Revision control

Copy as Markdown

Other Tools

.. _mozilla_projects_nss_nss_3_54_release_notes:
NSS 3.54 release notes
======================
`Introduction <#introduction>`__
--------------------------------
.. container::
The NSS team has released Network Security Services (NSS) 3.54 on **26 June 2020**, which is a
minor release.
`Distribution Information <#distribution_information>`__
--------------------------------------------------------
.. container::
The HG tag is NSS_3_54_RTM. NSS 3.54 requires NSPR 4.26 or newer.
NSS 3.54 source distributions are available on ftp.mozilla.org for secure HTTPS download:
- Source tarballs:
Other releases are available :ref:`mozilla_projects_nss_nss_releases`.
.. _notable_changes_in_nss_3.54:
`Notable Changes in NSS 3.54 <#notable_changes_in_nss_3.54>`__
--------------------------------------------------------------
.. container::
- Support for TLS 1.3 external pre-shared keys (`Bug
- Use ARM Cryptography Extension for SHA256, when available. (`Bug
.. _certificate_authority_changes:
`Certificate Authority Changes <#certificate_authority_changes>`__
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. container::
- The following CA certificates were Added:
G2
- SHA-256 Fingerprint: 657CFE2FA73FAA38462571F332A2363A46FCE7020951710702CDFBB6EEDA3305
2017
- SHA-256 Fingerprint: BEB00B30839B9BC32C32E4447905950641F26421B15ED089198B518AE2EA1B99
Certificate Authority 2017
- SHA-256 Fingerprint: 358DF39D764AF9E1B766E9C972DF352EE15CFAC227AF6AD1D70E8E4A6EDCBA02
Certificate Authority 2017
- SHA-256 Fingerprint: C741F70F4B2A8D88BF2E71C14122EF53EF10EBA0CFA5E64CFA20F418853073E0
- The following CA certificates were Removed:
CA Root
- SHA-256 Fingerprint:
8C7209279AC04E275E16D07FD3B775E80154B5968046E31F52DD25766324E9A7
CA Root
- SHA-256 Fingerprint:
687FA451382278FFF0C8B11F8D43D576671C6EB2BCEAB413FB83D965D06D2FF2
Root 2
- SHA-256 Fingerprint: 54455F7129C20B1447C418F997168F24C58FC5023BF5DA5BE2EB6E1DD8902ED5
Nederlanden Root CA - G2
- SHA-256 Fingerprint: 668C83947DA63B724BECE1743C31A0E6AED0DB8EC5B31BE377BB784F91B6716F
Public Primary Certification Authority - G4
- SHA-256 Fingerprint: FE863D0822FE7A2353FA484D5924E875656D3DC9FB58771F6F616F9D571BC592
Public Primary Certification Authority - G4
- SHA-256 Fingerprint: 363F3C849EAB03B0A2A0F636D7B86D04D3AC7FCFE26A0A9121AB9795F6E176DF
Public Primary Certification Authority - G3
- SHA-256 Fingerprint: EB04CF5EB1F39AFA762F2BB120F296CBA520C1B97DB1589565B81CB9A17B7244
- A number of certificates had their Email trust bit disabled. See `Bug
.. _bugs_fixed_in_nss_3.54:
`Bugs fixed in NSS 3.54 <#bugs_fixed_in_nss_3.54>`__
----------------------------------------------------
.. container::
Extension for SHA256.
PSK support.
for HACL\* curve25519 on Windows.
G2" root certificate.
"e-Szigno Root CA 2017" root certificate.
non-EV root certificates.
bit for "O=Government Root Certification Authority; C=TW" root.
certificates.
Global Root 2" root certificate.
Nederlanden Root CA - G2" root certificate.
certificates and disable email trust bit.
depend on NSPR 4.26.
reference to \`PORT_ZAlloc_stub' in seed.c.
recursion building NSS.
crash.
SSL_SendSessionTicket after resumption.
SSL_ExportEarlyKeyingMaterial with External PSKs.
warnings in NSS.
ClearServerCache when resetting self-encrypt keys.
SECITEM_MakeItem in secutil.c.
of ASN.1 INTEGER encoding.
This Bugzilla query returns all the bugs fixed in NSS 3.54:
`Compatibility <#compatibility>`__
----------------------------------
.. container::
NSS 3.54 shared libraries are backward compatible with all older NSS 3.x shared libraries. A
program linked with older NSS 3.x shared libraries will work with NSS 3.54 shared libraries
without recompiling or relinking. Furthermore, applications that restrict their use of NSS APIs
to the functions listed in NSS Public Functions will remain compatible with future versions of
the NSS shared libraries.
`Feedback <#feedback>`__
------------------------
.. container::
Bugs discovered should be reported by filing a bug report with
`bugzilla.mozilla.org <https://bugzilla.mozilla.org/enter_bug.cgi?product=NSS>`__ (product NSS).