[ANNOUNCE] NSS 3.44 Release

[JC Jones]

The NSS team has released Network Security Services (NSS) 3.44 on 10 May 2019, 
which is a minor release.

The NSS team would like to recognize first-time contributors: Kevin Jacobs, 
David Carlier, Alexander Scheel, and Edouard Oger.

The HG tag is NSS_3_44_RTM. NSS 3.44 requires NSPR 4.21 or newer.

NSS 3.44 source distributions are available on ftp.mozilla.org for secure HTTPS 
download:

    
https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_44_RTM/src/

New Functions:

    in lib/certdb/cert.h
        CERT_GetCertificateDer - Access the DER-encoded form of a 
CERTCertificate.

Notable Changes in NSS 3.44:

   * It is now possible to build NSS as a static library (Bug 1543545)
   * Initial support for building for iOS.

Bugs fixed in NSS 3.44:

   * 1501542 - Implement CheckARMSupport for Android
   * 1531244 - Use __builtin_bswap64 in crypto_primitives.h
   * 1533216 - CERT_DecodeCertPackage() crash with Netscape Certificate 
Sequences
   * 1533616 - sdb_GetAttributeValueNoLock should make at most one sql query, 
rather than one for each attribute
   * 1531236 - Provide accessor for CERTCertificate.derCert
   * 1536734 - lib/freebl/crypto_primitives.c assumes a big endian machine
   * 1532384 - In NSS test certificates, use @example.com (not @bogus.com)
   * 1538479 - Post-Handshake messages after async server authentication break 
when using record layer separation
   * 1521578 - x25519 support in pk11pars.c
   * 1540205 - freebl build fails with -DNSS_DISABLE_CHACHAPOLY
   * 1532312 - post-handshake auth doesn't interoperate with OpenSSL
   * 1542741 - certutil -F crashes with segmentation fault
   * 1546925 - Allow preceding text in try comment
   * 1534468 - Expose ChaCha20 primitive
   * 1418944 - Quote CC/CXX variables passed to nspr
   * 1543545 - Allow to build NSS as a static library
   * 1487597 - Early data that arrives before the handshake completes can be 
read afterwards
   * 1548398 - freebl_gtest not building on Linux/Mac
   * 1548722 - Fix some Coverity warnings
   * 1540652 - softoken/sdb.c: Logically dead code
   * 1549413 - Android log lib is not included in build
   * 1537927 - IPsec usage is too restrictive for existing deployments
   * 1549608 - Signature fails with dbm disabled
   * 1549848 - Allow building NSS for iOS using gyp
   * 1549847 - NSS's SQLite compilation warnings make the build fail on iOS
   * 1550041 - freebl not building on iOS simulator
   * 1542950 - MacOS cipher test timeouts

This Bugzilla query returns all the bugs fixed in NSS 3.44:

https://bugzilla.mozilla.org/buglist.cgi?resolution=FIXED&classification=Components&query_format=advanced&product=NSS&target_milestone=3.44

Please refer to the release notes for the complete list of changes:
  
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.44_release_notes
-- 
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto