The NSS Development Team announces the release of NSS 3.15.3.
Network Security Services (NSS) 3.15.3 is a patch release for NSS 3.15.
No new major functionality is introduced in this release.
The following security-relevant bugs have been resolved in NSS 3.15.3.
Users are encouraged to upgrade immediately.
* Bug 925100 - (CVE-2013-1741) Ensure a size is <= half of the maximum
PRUint32 value
* Bug 934016 - (CVE-2013-5605) Handle invalid handshake packets
* Bug 910438 - (CVE-2013-5606) Return the correct result in
CERT_VerifyCert on failure, if a verifyLog isn't used
The full release notes are available at
https://developer.mozilla.org/en-US/docs/NSS/NSS_3.15.3_release_notes
The HG tag is NSS_3_15_3_RTM. NSS 3.15.3 requires NSPR 4.10.2 or newer.
NSS 3.15.3 source distributions are also available on ftp.mozilla.org
for secure HTTPS download:
https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_15_3_RTM/src/
A complete list of all bugs resolved in this release can be obtained at
https://bugzilla.mozilla.org/buglist.cgi?resolution=FIXED&classification=Components&query_format=advanced&target_milestone=3.15.3&product=NSS
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
