The NSS Development Team announces multiple security patch releases: NSS 3.44.4 for NSS 3.44 NSS 3.52.1 for NSS 3.52
No new functionality is introduced in these releases. These releases fix a security issue; users are encouraged to upgrade. - Bug 1631576 (CVE-2020-12399) - Force a fixed length for DSA exponentiation Thank you to Cesar Pereida Garcia and the Network and Information Security Group (NISEC) at Tampere University for reporting this issue. NSS 3.52.1 requires NSPR 4.25 or newer. The HG tag is NSS_3_52_1_RTM. NSS 3.52.1 source distributions are available on ftp.mozilla.org for secure HTTPS download: https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_52_1_RTM/src/ Full release notes are available at https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.52.1_release_notes NSS 3.44.4 requires NSPR 4.21 or newer. The HG tag is NSS_3_44_4_RTM. NSS 3.44.4 source distributions are available on ftp.mozilla.org for secure HTTPS download: https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_44_4_RTM/src/ Full release notes are available at https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.44.4_release_notes -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
