NSS 3.107 release notes

Introduction

Network Security Services (NSS) 3.107 was released on 21 November 2024*.

Distribution Information

The HG tag is NSS_3_107_RTM. NSS 3.107 requires NSPR 4.35 or newer. The latest version of NSPR is 4.36.

NSS 3.107 source distributions are available on ftp.mozilla.org for secure HTTPS download:

Other releases are available Releases.

Changes in NSS 3.107

  • Bug 1923038 - Remove MPI fuzz targets.

  • Bug 1925512 - Remove globals lockStatus and locksEverDisabled.

  • Bug 1919015 - Enable PKCS8 fuzz target.

  • Bug 1923037 - Integrate Cryptofuzz in CI.

  • Bug 1913677 - Part 2: Set tls server target socket options in config class.

  • Bug 1913677 - Part 1: Set tls client target socket options in config class.

  • Bug 1913680 - Support building with thread sanitizer.

  • Bug 1922392 - set nssckbi version number to 2.72.

  • Bug 1919913 - remove Websites Trust Bit from Entrust Root Certification Authority - G4.

  • Bug 1920641 - remove Security Communication RootCA3 root cert.

  • Bug 1918559 - remove SecureSign RootCA11 root cert.

  • Bug 1922387 - Add distrust-after for TLS to Entrust Roots.

  • Bug 1927096 - update expected error code in pk12util pbmac1 tests.

  • Bug 1929041 - Use random tstclnt args with handshake collection script.

  • Bug 1920466 - Remove extraneous assert in ssl3gthr.c.

  • Bug 1928402 - Adding missing release notes for NSS_3_105.

  • Bug 1874451 - Enable the disabled mlkem tests for dtls.

  • Bug 1874451 - NSS gtests filter cleans up the constucted buffer before the use.

  • Bug 1925505 - Make ssl_SetDefaultsFromEnvironment thread-safe.

  • Bug 1925503 - Remove short circuit test from ssl_Init.