The NSS team has released Network Security Services (NSS) 3.40, which is a minor release.
Notable bug fixes: * Bug 1478698 - FFDHE key exchange sometimes fails with decryption failure New functionality: * The draft-00 version of encrypted SNI support is implemented * tstclnt now takes -N option to specify encrypted SNI key Notable changes: * The mozilla::pkix library has been ported from Mozilla PSM to NSS. This is a C++ library for building certification paths. mozilla::pkix APIs are not exposed in the libraries NSS builds. * It is easier to build NSS on Windows in mozilla-build environments. * The following CA certificates were Removed: CN = Visa eCommerce Root Please refer to the release notes for the complete list of changes: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.40_release_notes The HG tag is NSS_3_40_RTM. NSS 3.40 requires NSPR 4.20 or newer. NSS 3.40 source distributions are available for secure download: https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_40_RTM/src/ A complete list of all bugs resolved in this release can be obtained at https://bugzilla.mozilla.org/buglist.cgi?resolution=FIXED&product=NSS&target_milestone=3.40 -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto