NSS 3.105 release notes
Introduction
Network Security Services (NSS) 3.105 was released on 26 September 2024*.
Distribution Information
The HG tag is NSS_3_105_RTM. NSS 3.105 requires NSPR 4.35 or newer.
NSS 3.105 source distributions are available on ftp.mozilla.org for secure HTTPS download:
Other releases are available Releases.
Changes in NSS 3.105
Bug 1915792 - Allow importing PKCS#8 private EC keys missing public key
Bug 1909768 - UBSAN fix: applying zero offset to null pointer in sslsnce.c
Bug 1919577 - set KRML_MUSTINLINE=inline in makefile builds
Bug 1918965 - Don’t set CKA_SIGN for CKK_EC_MONTGOMERY private keys
Bug 1918767 - override default definition of KRML_MUSTINLINE
Bug 1916525 - libssl support for mlkem768x25519
Bug 1916524 - support for ML-KEM-768 in softoken and pk11wrap
Bug 1866841 - Add Libcrux implementation of ML-KEM 768 to FreeBL
Bug 1911912 - Avoid misuse of ctype(3) functions
Bug 1917311 - part 2: run clang-format
Bug 1917311 - part 1: upgrade to clang-format 13
Bug 1916953 - clang-format fuzz
Bug 1910370 - DTLS client message buffer may not empty be on retransmit
Bug 1916413 - Optionally print config for TLS client and server fuzz target
Bug 1916059 - Fix some simple documentation issues in NSS.
Bug 1915439 - improve performance of NSC_FindObjectsInit when template has CKA_TOKEN attr
Bug 1912828 - define CKM_NSS_ECDHE_NO_PAIRWISE_CHECK_KEY_PAIR_GEN
Compatibility
NSS 3.105 shared libraries are backwards-compatible with all older NSS 3.x shared libraries. A program linked with older NSS 3.x shared libraries will work with this new version of the shared libraries without recompiling or relinking. Furthermore, applications that restrict their use of NSS APIs to the functions listed in NSS Public Functions will remain compatible with future versions of the NSS shared libraries.
Feedback
Bugs discovered should be reported by filing a bug report on bugzilla.mozilla.org (product NSS).