The NSS team has released Network Security Services (NSS) 3.28.3 No new functionality is introduced in this release. This is a patch release to fix binary compatibility issues.
NSS version 3.28, 3.28.1 and 3.28.2 contained changes that were in violation with the NSS compatibility promise. ECParams, which is part of the public API of the freebl/softokn parts of NSS, had been changed to include an additional attribute. That size increase caused crashes or malfunctioning with applications that use that data structure directly, or indirectly through ECPublicKey, ECPrivateKey, NSSLOWKEYPublicKey, NSSLOWKEYPrivateKey, or potentially other data structures that reference ECParams. The change has been reverted to the original state in bug 1334108. SECKEYECPublicKey had been extended with a new attribute, named "encoding". If an application passed type SECKEYECPublicKey to NSS (as part of SECKEYPublicKey), the NSS library read the uninitialized attribute. With this NSS release SECKEYECPublicKey.encoding is deprecated. NSS no longer reads the attribute, and will always set it to ECPoint_Undefined. See bug 1340103. The full release notes are available at https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.28.3_release_notes The HG tag is NSS_3_28_3_RTM. NSS 3.28.3 requires NSPR 4.13.1 or newer. NSS 3.28.3 source distributions are available for secure download: https://ftp.mozilla.org/pub/security/nss/releases/NSS_3_28_3_RTM/src/ -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto