nss_3_107.rst - mozsearch

Enable keyboard shortcuts

.. _mozilla_projects_nss_nss_3_107_release_notes:

NSS 3.107 release notes

========================

`Introduction <#introduction>`__

--------------------------------

.. container::

   Network Security Services (NSS) 3.107 was released on *21 November 2024**.

`Distribution Information <#distribution_information>`__

--------------------------------------------------------

.. container::

   The HG tag is NSS_3_107_RTM. NSS 3.107 requires NSPR 4.35 or newer. The latest version of NSPR is 4.36.

   NSS 3.107 source distributions are available on ftp.mozilla.org for secure HTTPS download:

   -  Source tarballs:

      https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_107_RTM/src/

   Other releases are available :ref:`mozilla_projects_nss_releases`.

.. _changes_in_nss_3.107:

`Changes in NSS 3.107 <#changes_in_nss_3.107>`__

------------------------------------------------------------------

.. container::

   - Bug 1923038 - Remove MPI fuzz targets.

   - Bug 1925512 - Remove globals `lockStatus` and `locksEverDisabled`.

   - Bug 1919015 - Enable PKCS8 fuzz target.

   - Bug 1923037 - Integrate Cryptofuzz in CI.

   - Bug 1913677 - Part 2: Set tls server target socket options in config class.

   - Bug 1913677 - Part 1: Set tls client target socket options in config class.

   - Bug 1913680 - Support building with thread sanitizer.

   - Bug 1922392 - set nssckbi version number to 2.72.

   - Bug 1919913 - remove Websites Trust Bit from Entrust Root Certification Authority - G4.

   - Bug 1920641 - remove Security Communication RootCA3 root cert.

   - Bug 1918559 - remove SecureSign RootCA11 root cert.

   - Bug 1922387 - Add distrust-after for TLS to Entrust Roots.

   - Bug 1927096 - update expected error code in pk12util pbmac1 tests.

   - Bug 1929041 - Use random tstclnt args with handshake collection script.

   - Bug 1920466 - Remove extraneous assert in ssl3gthr.c.

   - Bug 1928402 - Adding missing release notes for NSS_3_105.

   - Bug 1874451 - Enable the disabled mlkem tests for dtls.

   - Bug 1874451 - NSS gtests filter cleans up the constucted buffer before the use.

   - Bug 1925505 - Make ssl_SetDefaultsFromEnvironment thread-safe.

   - Bug 1925503 - Remove short circuit test from ssl_Init.