The NSS 3.7 release is now available at
ftp://ftp.mozilla.org/pub/security/nss/releases/NSS_3_7_RTM/.
The cvs tag is NSS_3_7_RTM.
I will post the release notes and build instructions here
when they are ready. Here is a quick summary of what's new
in NSS 3.7.
The main feature of NSS 3.7 is the cert8.db upgrade. The
new NSS certificate database supports large CRLs and
multiple email addresses for the subject of a certificate.
Other new features include:
* New functions to obtain the list of email addresses in
a certificate's subjectAltName extension.
* A new function that waits for smartcard insertion and
removal events.
* New functions for verifying a signature using a public
key not associated with a certificate.
* Support for encrypted data with subjectKeyID in the
S/MIME library
We recommend that you upgrade to NSS 3.7 as soon as possible.
Because of the cert8.db upgrade, you should search your source
tree for hardcoded "cert7.db" strings. If you find them and
are not sure how to fix them (you should avoid simply changing
them to "cert8.db"), please describe how you are using
"cert7.db" here and we will help you fix them.
Wan-Teh Chang
