372439
|
|
PKCS#12 export with empty password produces incorrect encoding of MacData in PFX object
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2022-10-10
|
1452470
|
|
nss-modutil does not load pkcs module to firefox on mac os high sierra / ubuntu 18
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2022-10-11
|
1837357
|
|
Sending client cert causes no PSK info in the client hello, which makes the tls1.3 fail to resumption
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2024-06-07
|
610024
|
|
Conform to NIST requirements for ephemeral keys in libssl for ECDHE_ cipher suites
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2023-11-06
|
731128
|
|
[Scalability issue] Exhaustive synchronization in NSS due to refCount inc/decrements under lock
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2023-11-06
|
1027239
|
|
freebl unix_rand bypass file checking by truncated filename
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2023-11-06
|
1192500
|
|
ssl/sslmutex.c uses sem_init/sem_destroy that are unsupported on iOS
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2022-10-11
|
1201900
|
|
using the external array SSL_ImplementedCiphers[] directly should be deprecated
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2023-12-11
|
1208474
|
|
TLS server accepts application data between CCS and Finished message
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2022-10-11
|
1209076
|
|
PKCS11 renegotiation
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2022-10-11
|
1210008
|
|
PKCS11_PUB_READABLE_CERT_FLAG not supported anymore in FF 43
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2022-10-11
|
1210782
|
|
Malformed Client Key Exchange messages are accepted (Handshake.length)
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2022-10-11
|
1234096
|
|
"Built-in Object Token" certificates become "Software Security Device" certificate
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2022-10-11
|
1240679
|
|
Cert based client auth with Lithuanian National ID cards fails with sec_error_pkcs11_device_error
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2022-10-11
|
1241446
|
|
CMS decrypt fails with ecc / NSS CMS and RFC 5652, RFC 5753
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2022-10-11
|
1253175
|
|
Using NSSSessionTickets causes segfault in nss lib if used with ECC Cipher Suite
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2022-10-11
|
1253211
|
|
NSSTrustDomain_TraverseCertificates() runs in O(n²) time
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2022-10-11
|
1264963
|
|
Malformed Client Key Exchange messages (invalid length, invalid share) in DHE key exchange are not rejected by server
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2022-10-11
|
1274198
|
|
NSS seems to not support more than 10 pkcs12 objects on a pk11 token
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2022-10-11
|
1284375
|
|
Make the x86-64 asm in NSS compliant with Windows x86-64 ABI
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2022-10-11
|
1297469
|
|
SECMOD_LoadUserModule does not verify authenticode signatures on loaded dlls
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2022-10-11
|
1319000
|
|
Cache of database is broken in the case of same subjects and different nickname.
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2022-10-11
|
1342434
|
|
PK11_Derive*() doesn't set the failure reason
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2022-10-11
|
1342824
|
|
When Firefox is set to negotiate solely TLS 1.3 it still includes obsolete TLS extensions.
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2022-10-11
|
1357467
|
|
AES-256 preference to help guard against quantum
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2023-12-18
|
1357894
|
|
Key use limit in ChaCha20-Poly1305 can be relaxed in TLS (but not DTLS)
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2022-10-11
|
1362790
|
|
since FF 53.0, activeidentity PKCS ##11 security device is failing to login automatically.
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2022-10-11
|
1363727
|
|
NSS 3.28.4 causing curl via PHP to fail
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2022-10-11
|
1382539
|
|
PK11_CopyKey passing NULL template to C_CopyObject
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2022-10-11
|
1382942
|
|
-fno-plt breaks assumption about PIC register
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2022-10-11
|
1384474
|
|
e10s message pump gets caught in infinite loop causing permanent UI deadlock when packets are captured with Windows Filtering Platform
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2022-10-11
|
1410867
|
|
pin code of pkcs11 module requested multiple time when module is shared with another application
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2022-10-11
|
1430155
|
|
nss library uses environ, which is not thread safe
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2022-10-11
|
1441097
|
|
OCSP response check for certs with SSL CA, S/MIME CA and OCSP Signing usage
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2022-10-11
|
1441115
|
|
Resumption with ticket not working with 8k keys
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2022-10-11
|
1441117
|
|
Resumption with session id not working with 8k keys
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2022-10-11
|
1523108
|
|
serialNumber sub-fields of X.509 certificate subjects and issuers not properly displayed
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2022-10-10
|
1546968
|
|
gsd-smartcard segmentation faults in NSSRWLock_LockRead_Util at nssrwlk.c:145 in libnssutil3.so in nss-util-3.43.0-1.fc30 when logging out of GNOME in Fedora 30
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2022-10-11
|
1569327
|
|
New checkbox "Certificare are public readable" as option to pkcs11 driver loading
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2022-10-11
|
1574346
|
|
SECMOD_CloseUserDB memory leak
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2022-10-11
|
1576642
|
|
NSS does not invalidate PKCS11 object handles after logout
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2022-10-11
|
1613632
|
|
Stuck on invalidated PKCS#11 session handles
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2022-10-31
|
1682044
|
|
pkix_Build_GatherCerts() + pkix_CacheCert_Add() can corrupt "cachedCertTable"
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2021-02-10
|
1709676
|
|
are CN=.# and CN== valid?
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2021-07-14
|
1721995
|
|
libnss3 broken on s390x when compiled with LTO (-flto)
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2021-08-10
|
1752511
|
|
NSS sends a Hello Retry Request if a Key Share extension is missing in a TLS 1.3 Client Hello
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2022-02-11
|
1766447
|
|
Izenpe smart card gives SEC_ERROR_INPUT_LEN
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2023-03-13
|
1768684
|
|
NSS is loading PKCS#11 modules in sandboxed processes (seccomp violation: syscall 270 and syscall 91)
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2022-05-19
|
1814513
|
|
sftk_MAC_InitRaw does not handle CKM_*_GENERAL
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2023-11-19
|
1815683
|
|
Upgrade SQLite in NSS to a last version (3.40.1)
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2023-10-29
|
1823875
|
|
AES CTS decryption does not update its own context's IV on full blocks input
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2024-04-24
|
1831506
|
|
Post-handshake authentication (TLS 1.3) does not work (with smartcard)
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2024-06-07
|
1833745
|
|
PKIX_PL_Cert_GetAllSubjectNames() uses an unnecessarily large amount of memory.
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2024-03-05
|
1834672
|
|
guard against excessive iteration count in PKCS#12 files
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2023-10-29
|
1859982
|
|
libssl should perform client auth certificate signatures asynchronously
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2023-10-30
|
228732
|
|
NSS fails to find modulus length with some PKCS11 modules
|
NSS
|
Libraries
|
rrelyea
|
UNCO
|
---
|
2023-11-06
|
693274
|
|
SSL session cache resumes session even if model/listen socket certificate has changed
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2023-11-06
|
882310
|
|
Configurable DTLS handshake timeouts
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2023-11-06
|
1062903
|
|
FIPS mode test fails on x32
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2023-11-06
|
1683079
|
|
Loading a PKCS#11 module from an alternate location after unloading requires a firefox restart
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2021-02-06
|
1792497
|
|
Reference KEA mechanism consistently
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2023-10-31
|
1817511
|
|
EC key length in sftk_fips_mechs is inconsistent with key length returned by sftk_getKeyLength
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2023-10-19
|
1826031
|
|
CKM_AES_CMAC and CKM_AES_CMAC_GENERAL accept CKK_GENERIC_SECRET
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2023-11-20
|
1826035
|
|
SP 800-108 KDFs incorrectly accept CKM_MD2_HMAC and CKM_MD5_HMAC
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2023-11-19
|
1851528
|
|
C_CreateObject for RSA private keys with CRT parameters set signals an assertion failure (SIGABRT)
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2024-01-26
|
353530
|
|
CERT_VerifyCertificate MUST report revoked regardless of usage, when cert is revoked
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2023-11-06
|
355317
|
|
OCSP cleanup function ocsp_DestroyStatusChecking is never called
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2023-11-06
|
447868
|
|
Allow environment variable to override directory name passed to NSS_Init*
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2023-11-07
|
499243
|
|
certutil corrupts cert8.db
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2023-11-06
|
506965
|
|
NSS does not support CKR_FUNCTION_CANCELED from C_Login
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2023-11-06
|
592978
|
|
CERT_PKIXVerifyCert() with "certificateUsageSSLServer" returns error but still log->count is 0
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2023-11-06
|
603761
|
|
Certificate verification should return SECFailure and set a PORT_SetError when errors are logged
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2023-11-06
|
633064
|
|
CERT_SaveSMimeProfile returns SECFailure without calling PORT_SetError
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2023-11-06
|
651573
|
|
Provide a build-time option to exclude old (non-libpkix) cert chain building/verification from public API
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2023-11-06
|
653162
|
|
Implement XTS-AES for disk encryption
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2023-11-06
|
787602
|
|
DH_NewKey may need to ensure the most significant bit of the private key is set
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2023-11-06
|
797815
|
|
Firefox does not use more than one OCSP path within the AIA-attribute of a certificate
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2023-11-06
|
902947
|
|
Firefox hang when CAC/PIV smart card certificates are viewed in the certificate manager
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2023-11-06
|
930497
|
|
Thunderbird ask for all PINs of a FINeID smartcard although only PIN1 is needed for email signing (pin2 is for web)
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2023-11-06
|
932369
|
|
nss cleanup asserts at nssrwlk.c:263 when called from a static destructor.
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2023-11-06
|
956650
|
|
libnssckbi.so lookup inside /etc/pki/nssbd always fails
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2023-11-06
|
966319
|
|
CERT_GetCertificateRequestExtensions incorrectly hardcoded to expect extensions in first attribute
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2023-11-06
|
1095725
|
|
PK11_DigestFinal does not follow PKCS11 side effect guidelines when checking buffer size
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2023-11-07
|
1095741
|
|
PK11_GetPBECryptoMechanism should be able to return padded mechanisms
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2023-11-06
|
1418065
|
|
Libraries provided by Firefox would not load in Java in Mac OS X
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2022-10-11
|
1439939
|
|
Exported p12 client certificate fails to load in Powershell and IE
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2022-10-11
|
1464125
|
|
Removing libnssckbi.so no longer helps removing all CA-s
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2022-10-11
|
1467959
|
|
Some little defects and suggestions for NSS 3.28.4 certificate verification module.
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2023-10-30
|
1491118
|
|
TLS 1.3: Offer a way to disable anti-replay
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2023-10-29
|
1597057
|
|
Curve448 or named Ed448-Goldilocks support needed (both X448 key exchange and Ed448 signature algorithm )
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2024-02-20
|
1648456
|
|
Incorrect choice of SMIME ciphers
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2022-07-14
|
1710202
|
|
An error occurred during a connection to https://www.mozilla.org/en-US/firefox/new/. PR_END_OF_FILE_ERROR
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2023-03-13
|
1712418
|
|
pkg-config reports wrong library list
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2021-06-06
|
1737235
|
|
Unable to unwrap ECC private key
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2023-10-29
|
1749121
|
|
oidcalc doesn't recognize '0'
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2023-03-13
|
1778176
|
|
Support Connection Identifier in DTLS 1.2 and DTLS 1.3
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2023-12-07
|
1792499
|
|
Add support for PKCS#11 CKM_CAMELLIA_CTR
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2023-10-29
|
1796049
|
|
Add support for SM3 digest algorithm
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2023-10-29
|
1805424
|
|
Firefox not asking for certificate on my Common Access Card using TLSv1.3
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2023-03-13
|
1814787
|
|
CKM_NSS_HMAC_CONSTANT_TIME with CKM_MD2_HMAC assertion failure
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2024-02-12
|
1815143
|
|
C_VerifyInit returns CKR_KEY_TYPE_INCONSISTENT for CKM_AES_XCBC_MAC and CKM_AES_XCBC_MAC_96
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2023-11-19
|
1817181
|
|
The NULL-pointer usage is possible in the function DecodeDBSubjectEntry() from lib/softoken/legacydb/pcertdb.c
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2024-01-29
|
1872998
|
|
OpenSC 0.24.0 client side TLS certificate leads to network timeout
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2024-04-23
|
1877436
|
|
Failed assertion in ssl_CacheSessionID
|
NSS
|
Libraries
|
nobody
|
UNCO
|
---
|
2024-05-21
|
900067
|
|
file permissions of pkcs11.txt/secmod.db must be kept when modified by nssutil_DeleteSecmodDB
|
NSS
|
Libraries
|
kaie
|
NEW
|
---
|
2022-10-10
|
1782508
|
|
Integrate HACL* RSA-PSS
|
NSS
|
Libraries
|
nkulatova
|
NEW
|
---
|
2024-06-04
|
1900416
|
|
NSS support for WebCrypto X25519
|
NSS
|
Libraries
|
nkulatova
|
NEW
|
---
|
2024-06-03
|
51477
|
|
Crash when application ignores error code and calls again
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
60259
|
|
NSS_CMSContentInfo_SetContent_Data does not seem to do anything with SECItem passed in
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
82357
|
|
Implement DN attribute names from LDAPbis
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
125141
|
|
SECMOD_AddNewModule should report more detailed errors with PR_SetErrorText
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
129807
|
|
nssList_Clone() is O(n^2) if list->sortFunc is not NULL
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
134122
|
|
Need SSL model/listen socket validation
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
135532
|
|
trust domains should contain slots, not tokens
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
139291
|
|
root cert module doesn't get loaded if the no cert db option is used
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
142160
|
|
Need a way to query detailed mechanism information
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
143242
|
|
NSS should not utilize the defaultSession when it is invalid
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
146552
|
|
Remove the mktemp stub from nssinit.c
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-12-26
|
151010
|
|
SSL library needs to replace CERT_VerifyCert with new CERT_VerifyCertificate API call
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
154246
|
|
Smartcard portability issues with CA chains
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
155481
|
|
Check intermediate CA certs for revocation
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
158750
|
|
[meta] Support RSAPSS
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2024-03-19
|
168561
|
|
Memory leak in CERT_FindUserCertsByUsage
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
170835
|
|
pk11_collectCrls does not interact with CRL cache
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
170836
|
|
SEC_LookupCrls returns CERTSignedCrl* objects without a slot or object ID
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
172224
|
|
Need to export CRL checking function
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
175163
|
|
SEC_ASN1DecodeItem(NULL, ...) leaks by design . It should always be called with an arena
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
185281
|
|
Uninitialized smartcard causes Cert manager to be empty
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2023-09-13
|
189024
|
|
Add a new error code for the attempt to re-initialize NSS after a failed NSS shutdown
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
190421
|
|
Token object cache is inefficient
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
190501
|
|
Soft token returns wrong PKCS 11 error codes in many cases
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
196399
|
|
Use of PKI certs via eToken/epass2000 lead to a session termination for SSL access to a page
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
216832
|
|
certificate chain verification may choose wrong intermediate CA and fail
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
232737
|
|
PKITS cases 4.5.1 4.5.2 4.6.15 4.6.17 4.13.19 fail: ERROR -8159
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
232775
|
|
Encode DNs using only UTF-8 for new CSRs
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
236887
|
|
implement CERT_IsServerCert()
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
237877
|
|
CERT_KeyUsageAndTypeForCertUsage returns wrong key usage for SSL server certificates with DHE ciphersuites
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
246167
|
|
changing file permissions on NSS cert/key databases
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
246437
|
|
Backing up and restoring NSS security databases
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
265620
|
|
Use buffer to reduce C_DigestUpdate calls to Cryptoki during SSL handshake
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
266948
|
|
streaming bi-directional test mode for selfserv and strsclnt
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
273861
|
|
SSL_ForceHandshake a bit too forceful?
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
276311
|
|
public functions in pk11cxt.c don't check for NULL arguments
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-17
|
280869
|
|
NSS API usability problem with multiple server SSL certs
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
281448
|
|
CRL extension check in decoder is incorrect
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
283763
|
|
memsets in libssl affect performance ; SSL buffer also starts too small
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
286270
|
|
NSS_Shutdown reportedly fails in p7content program
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
286640
|
|
performance optimizations in pk11wrap
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
286663
|
|
backwards compatibility failure: NSS 3.3.9 nssckbi with 3.9.x NSS
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
289823
|
|
CERT_DecodeUserNotice fails
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
289976
|
|
NSS public functions that take nicknames should declare them as const
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
291225
|
|
NSS_Init leaks memory in failure case
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
291498
|
|
NSS CKM_DH_PKCS_DERIVE not PKCS3 compliant
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
294554
|
|
unexported api calls in p12.h
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
294651
|
|
function CERT_FindCRLDistributionPoints isn't in nss.def then isn't a part of NSS API, CERT_FindCRLDistributionPoints undefined reference
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
298631
|
|
Review the various versions returned by NSC_GetInfo, NSC_GetSlotInfo, and NSC_GetTokenInfo
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
300163
|
|
Need APIs to set SSL session expiration timeout
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
301383
|
|
Original ASN1 decoder: problem decoding seqence if data is zero
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
303159
|
|
smime: NSSCMSRecipientKeyIdentifierTemplate template does not match the struct NSSCMSRecipientKeyIdentifierStr
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
303165
|
|
smime: NSSCMSKeyAgreeRecipientInfoTemplate template does not match the struct NSSCMSKeyAgreeRecipientInfoStr
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
303172
|
|
smime: NSSCMSKEKIdentifierTemplate template does not match the struct NSSCMSKEKIdentifierStr
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
304875
|
|
extend original decoder functionality to handle OPTIONAL INLINES of simple templates.
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
308859
|
|
Restore CERT_VerifyCACertForUsage to its proper status
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
321318
|
|
SOL_CFLAGS and OPTIMIZER flags conflict in freebl
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
324033
|
|
NSS_Shutdown() writes DBs even if no changes were made
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
324867
|
|
Make certs sent by peer available to apps that use libSSL
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
327773
|
|
ECC code conspicuously absent from lib/pk11wrap/pk11pk12.c
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
339466
|
|
SSL server cache watching thread is a problem for fork
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
339468
|
|
pipes used as mutexes for shared SSL server cache not closed on exec
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
340046
|
|
Don't answer client auth request that requires unsupported method
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-24
|
356756
|
|
Subjective DOS vulnerability in NSS cert path validation
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
367023
|
|
Too much memory allocated for each SSL connection
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
372967
|
|
Convert PKIX to be able to use IPv6
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
387024
|
|
move certificate usage parameter to PKIX_ProcessingParams structure
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
390189
|
|
NSSTrustDomain_FindTokenByName sets no error code upon failure
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
391180
|
|
NBIO: can not return to interrupted libpkix code path with completed IO
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
391612
|
|
avoid copy der, decode to new CERTCertificate structure while creating PKIX_PL_Cert
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
391775
|
|
PKIX leaks locks because reference counting no-ops in useArena configuration
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2023-10-29
|
391809
|
|
Slop time doesn't work on CRLs
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
394182
|
|
Eliminate pkix_pl_Pk11CertStore_CheckTrust or PKIX_PL_Cert_IsCertTrusted
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
396606
|
|
libpkix does not set cert counter to 1 when validating CA cert
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
396760
|
|
PKIX OIDs need to be accessed from one place in source
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
397405
|
|
Should be able to change the interval for which cert chain is present in cache
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
399062
|
|
rewrite pkix logger to use PR_NewLogModule/PR_LOG
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
400915
|
|
Remove all use of error strings from PKIX library code
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
402733
|
|
make code in pkix_BuildForwardDepthFirstSearch and pkix_Build_InitiateBuildChain more manageable
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
403692
|
|
PKIX_List is inefficient
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
403805
|
|
replace pkix_pl_Object_GetHeader with a macro
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
408845
|
|
pkix_OcspChecker_Check ignores time
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
412318
|
|
Verify that all pkix functions that return SECStatus set NSPR error code
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
417645
|
|
pkix_primhash_add should not throw error when caller attempt to add dup key/values pair.
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
418762
|
|
PK11_ImportCRL ignores CRL AuthorityKeyID extension
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
426878
|
|
Multiple failures in lib pkix unit tests
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
435314
|
|
nssToken_FindCertificatesByEmail returns certs whose email address(es) do not match
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
436949
|
|
restore function pkix_trace_dump_cert and fix its leaks and logging
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
450845
|
|
Stop exporting symbols that are not present in the .def files
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
457989
|
|
Make PKCS#11 module logging more useful
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
458480
|
|
SSE2 instructions for bignum are not implemented on Solaris 32-bit
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
480174
|
|
Need user-friendly cipher suite support functions
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
481447
|
|
Implement CRL Issuing Distribution Point (CIDP) extension processing
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
506264
|
|
pkix_Logger_Check ignores & leaks errors returned by called functions
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
511576
|
|
pkix_getDecodeFunction may fail to load libsmime3
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
520830
|
|
Firefox is trying to add security exception instead failing to establish connection
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
523493
|
|
libssl improperly handles malformed hello extensions
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
528743
|
|
Multiple problems in libpkix's AIA cert fetch code exposed by the https://www.unosoft.hu/ cert
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
560091
|
|
"OCSP signer cert not found" is reported as sec_error_bad_database
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
564334
|
|
The lookup key for the CRL cache should include not only the issuer's name but also the issuer's key ID
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
568648
|
|
Do not define -Di386 or -Dppc in security/coreconf/Darwin.mk
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-12-26
|
587401
|
|
pkix_pl_LdapCertStore_GetCert and pkix_pl_LdapCertStore_GetCRL leak requestArena when PKIX_CHECK triggers goto cleanup
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
587403
|
|
pkix_pl_CRLEntry_Extensions_Hashcode leaks arena when PKIX_NULLCHECK_ONE(extension) returns
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
589047
|
|
Send the Finished message and application data in the same TCP packet when SSL False Start is enabled
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
595134
|
|
NSS_SDB_USE_CACHE is slower than non cached versions with many certificates
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
597028
|
|
SSL_ImportFD does not copy all information from model
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
601058
|
|
Bad scalability caused by frequent mp_int initializations (memory calloc/free calls)
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
625239
|
|
SEC_ASN1EncodeInteger doesn't encode negative values in the minimum number of octets.
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
626901
|
|
If PK11_PubUnwrapSymKey fails with a non-decryption error, do not defend against the Bleichenbacher attack.
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-12-26
|
641061
|
|
RNG_FileUpdate should zero the stack buffer before returning
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
651585
|
|
infinite loop in pkix_BuildForwardDepthFirstSearch when verifying the https://etime1.jt3.com/ server certificate with AIA certificate fetch enabled
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
673787
|
|
SECKEY_DSADecodePQG uses newparams if SECITEM_CopyItem fails
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-12-19
|
680292
|
|
Provide support for Origin-Bound Certificates.
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
721288
|
|
CERT_PKIXVerifyCert chains one self-signed certificate of a root CA to another self-signed certificate of the same root CA
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
730770
|
|
Remove CERTDB_GOVT_APPROVED_CA support from
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
742589
|
|
Discrepancies between the documentation and implementation of the askpw module specs flag
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
778345
|
|
Use the ARM assembly code in lib/freebl/mpi/mpi_arm.c for iOS
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
791875
|
|
rijndael_encryptECB. rijndael_encryptCBC, etc. do not set the *outputLen output argument.
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
807250
|
|
SSL data race with ssl_GetPrivate vs. ssl_DefRecv
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-12-19
|
813633
|
|
Implement NSS_USE_ALG_IN_CMS_SIGNATURE
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
838922
|
|
Use the ARM rev instruction for byteswap in sha_fast.h and sha512.c
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
839606
|
|
Remove HTTP cert store functionality from libpkix (pkix_pl_httpcertstore.c)
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
853674
|
|
The output buffer size checks in AES_Encrypt and AES_Decrypt are too lax or too strict for AES GCM
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
864898
|
|
Export CERT_GetCertKeyType
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
874940
|
|
Update the remaining pk11wrap functions for CKM_AES_CCM, CKM_AES_CTR, CKM_AES_CTS, and CKM_AES_GCM
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
925220
|
|
Check the |key_block| buffer size better in NSC_DeriveKey
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
950313
|
|
TLS server still caches a session when the session has a session ticket
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
952289
|
|
Remove the redundant function CERT_DestroyCrl
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
958786
|
|
PKIX_PL_AIAMgr_GetAIACerts should keep going if pkix_pl_AIAMgr_GetHTTPCerts or pkix_pl_AIAMgr_GetLDAPCerts fails with a non-fatal error
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
977407
|
|
NSS_Shutdown doesn't free some memory
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
979004
|
|
PK11_DefaultArray should be a const array
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
1009881
|
|
ThreadSanitizer reports a lock-order inversion in NSS in CERT_NewTempCertificate
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2023-12-18
|
1013088
|
|
ECC cipher suites in SSL3 mode work on server side but not client with NSS_ECC_MORE_THAN_SUITE_B
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
1021184
|
|
Add safety net, make sure we'll never derive from any empty key material
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
1176526
|
|
Add an NSS option to require extended_master_secret for resumption
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1208405
|
|
[meta] Issues found by Coverity
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2023-12-11
|
1235914
|
|
Assertion failure: state->indefinite, at secasn1d.c:1965
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1242227
|
|
Document SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE and SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE better
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
1265025
|
|
null pointer dereference in ssl3_GenerateSessionTicketKeysPKCS11 when running a server configured with an ec key/certificate and session tickets
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1281249
|
|
Move early_data to encrypted extensions
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1287256
|
|
TLS 1.3: 0-RTT blocking mode blocks forever when you drive the handshake with PR_Read
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1287272
|
|
TLS 1.3: Allow CertificateVerify with non-Hash digests
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1319739
|
|
Allow external SSL session ID cache store
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1349226
|
|
[Meta] ASN.1 Issues
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1355993
|
|
ECDSA signature verification is too slow (P256)
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1398770
|
|
Add API to set a symmetric key for TLS session cache encryption
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1438266
|
|
Be strict about versions in the TLS 1.3 supported_version ServerHello extension
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1440588
|
|
TLS session cache follow-up
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1472747
|
|
Incorrect handling of too big and too small Finished messages
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1478148
|
|
maybe softoken can stop accessing cert9.db-journal and cert9.db-wal all the time for read-only operations (affects reading Thunderbird mail)
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2023-10-29
|
1480021
|
|
Provide valgrind suppression file
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
1493771
|
|
MOZ_CRASH("NSS_Shutdown failed")
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1543084
|
|
incorrect error from NSS client on inability to sign CertificateVerify
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1554760
|
|
some malformed ffdhe key_shares are accepted
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1555344
|
|
NSS generates decode_error instead of illegal_parameter when it receives invalid value in record_size_limit extension
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1556594
|
|
External resumption tokens don't work across processes
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-24
|
1562046
|
|
SECKEY_ConvertToPublicKey results in 63 len public keys
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
1562683
|
|
Enable higher NSS MP KDF default iteration count for LEGACY key3 storage by default
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1563195
|
|
Endless loop in nsslowcert_TraverseDBEntries
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-12
|
1568253
|
|
Slow Thunderbird, NSS DB caching isn't enabled automatically on a RHEL 7.4 network filesystem.
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-12
|
1568917
|
|
TLS 1.3 - Subsequent loads fail when TLS 1.3 enabled for host
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1573256
|
|
Consider dropping padding extension
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1575368
|
|
Upgrade Clang-format used by NSS to that of Mozilla-Central
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1575923
|
|
MD2 produces wrong result
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1584644
|
|
Remove sftk_FreeSession
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
1585190
|
|
Ciphersuite preference order APIs should allow setting global preference
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-18
|
1586192
|
|
implicit nssdb migration (DBM=>SQL) and NSS_INIT_NOMODDB
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1590870
|
|
TLS 1.3 Downgrade Sentinel causing breakage
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-12
|
1600659
|
|
decode_error instead of handshake_failure when renegotiation_info is not empty
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-12
|
1604130
|
|
Re-enable Chacha20 SAW verification
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1608630
|
|
Better solution to avoid SDR slowness caused by master password iteration count
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1756127
|
|
Fuzzing Harness for ECH-13
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2023-10-03
|
1763237
|
|
[meta] Thread safety issues in NSS
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2024-06-04
|
1869276
|
|
[meta] NSS Performance
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2024-01-16
|
1869282
|
|
[meta] NSS Features
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2024-01-12
|
1869289
|
|
[meta] NSS Stability
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2024-04-23
|
1885900
|
|
NSS deadlocks when attempting to sign with a certificate that requires a second password entry
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2024-03-30
|
1892671
|
|
RSAES-OAEP encryption support in S/MIME
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2024-04-24
|
36454
|
|
CRLs in pkcs7 (S/MIME messages) are ignored
|
NSS
|
Libraries
|
rrelyea
|
NEW
|
---
|
2023-01-16
|
95112
|
|
Need better parameters to nickname collision callback in PKCS12 libs.
|
NSS
|
Libraries
|
rrelyea
|
NEW
|
---
|
2022-10-10
|
129563
|
|
C_CopyObject doesn't copy session private keys
|
NSS
|
Libraries
|
rrelyea
|
NEW
|
---
|
2022-10-10
|
135327
|
|
PK11_UnwrapPrivKey requires public key value
|
NSS
|
Libraries
|
rrelyea
|
NEW
|
---
|
2022-10-10
|
145376
|
|
there is a unique S/MIME entry for each e-mail address in the certificate db, and it may point to an old expired cert
|
NSS
|
Libraries
|
rrelyea
|
NEW
|
---
|
2022-10-10
|
154255
|
|
storage of trust on hardware tokens
|
NSS
|
Libraries
|
rrelyea
|
NEW
|
---
|
2022-10-10
|
160805
|
|
Convert NSS code to use SEC_QuickDERDecodeItem
|
NSS
|
Libraries
|
rrelyea
|
NEW
|
---
|
2022-10-10
|
210941
|
|
Redefine NSS nicknames to identify certs unambiguously
|
NSS
|
Libraries
|
rrelyea
|
NEW
|
---
|
2022-10-10
|
222651
|
|
Softoken needs to be used as a generic PKCS #11 module.
|
NSS
|
Libraries
|
rrelyea
|
NEW
|
---
|
2022-10-10
|
222707
|
|
many leaked locks created by secmodCreateMutext
|
NSS
|
Libraries
|
rrelyea
|
NEW
|
---
|
2022-10-10
|
232386
|
|
NSS should report stale (leaked) references that cause shutdown failures
|
NSS
|
Libraries
|
rrelyea
|
NEW
|
---
|
2022-10-10
|
254524
|
|
Support the CKA_TRUSTED standard PKCS#11 trust bit
|
NSS
|
Libraries
|
rrelyea
|
NEW
|
---
|
2022-10-10
|
332426
|
|
result of CERT_GetCertNicknames varies on different threads
|
NSS
|
Libraries
|
rrelyea
|
NEW
|
---
|
2022-10-10
|
340174
|
|
Error during C_CopyObject() due to CKA_NETSCAPE_DB
|
NSS
|
Libraries
|
rrelyea
|
NEW
|
---
|
2022-10-10
|
342476
|
|
Problems with our extended CK_C_INITIALIZE_ARGS structure.
|
NSS
|
Libraries
|
rrelyea
|
NEW
|
---
|
2022-10-10
|
434043
|
|
problem with islogin delay check in the pkcs 11 wrapper layer
|
NSS
|
Libraries
|
rrelyea
|
NEW
|
---
|
2022-10-10
|
458750
|
|
FIPS mode password change failure must clearly report invalid new passwords
|
NSS
|
Libraries
|
rrelyea
|
NEW
|
---
|
2022-10-10
|
556299
|
|
secmod_doDescCopy miscomputes buffer size, leaks allocated string
|
NSS
|
Libraries
|
rrelyea
|
NEW
|
---
|
2022-10-10
|
1592984
|
|
Unable to change master password of SQL key4.db, CKO_NETSCAPE_TRUST, CKR_ATTRIBUTE_TYPE_INVALID, blobData == NULL
|
NSS
|
Libraries
|
rrelyea
|
NEW
|
---
|
2022-10-12
|
1773374
|
|
CERTCertificate leak in ssl3_FillInCachedSID when using a client certificate with TLS 1.3
|
NSS
|
Libraries
|
dkeeler
|
NEW
|
---
|
2024-06-05
|
205715
|
|
PK11_DestroySlot needs to lock around the C_CloseAllSessions call
|
NSS
|
Libraries
|
jschanck
|
NEW
|
---
|
2022-10-31
|
1665147
|
|
Certutil should use a better automated serial number than 1 second resolution time stamp.
|
NSS
|
Libraries
|
jschanck
|
NEW
|
---
|
2023-01-03
|
1422854
|
|
Disable key logging in optimized gyp builds
|
NSS
|
Libraries
|
kaie
|
NEW
|
---
|
2022-10-11
|
1738592
|
|
Allow NSS S/MIME code to call application defined certificate verification functions
|
NSS
|
Libraries
|
kaie
|
NEW
|
---
|
2023-10-29
|
462569
|
|
NSS_Shutdown succeeds in child, even though parent called NSS_Initialize and forked
|
NSS
|
Libraries
|
libraries
|
NEW
|
---
|
2023-11-07
|
1201868
|
|
Turn on assembler optimization for OSX x86_64
|
NSS
|
Libraries
|
m_kato
|
NEW
|
---
|
2022-10-11
|
1314849
|
|
NSS sends DTLS HelloVerifyRequest cookie in the TLS 1.3 HelloRetryRequest cookie extension
|
NSS
|
Libraries
|
nkulatova
|
NEW
|
---
|
2024-02-08
|
1387183
|
|
[meta] Integrate verified cryptographic primitives into NSS from the HACL* library
|
NSS
|
Libraries
|
nkulatova
|
NEW
|
---
|
2024-04-02
|
39488
|
|
LDAP PKCS#11 module
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
39492
|
|
certs returned from CERT_TraversePermCerts have isperm==PR_FALSE
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
43624
|
|
PKCS#11: Missing PKCS#11 methods for S/MIME
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
43629
|
|
SMIMETK: NSS_CMS{En,De}coder_Cancel does not handle nested messages
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
44838
|
|
verifying object signing CA certs
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
48597
|
|
OCSP needs offline cache (persistent on-disk)
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
51399
|
|
Enhancements requested for RNG_FileForRNG
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
51409
|
|
SSL_DataPending nearly always returns zero
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
51466
|
|
SSL client rejects server cert with keyUsage = digitalSignature
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
51467
|
|
Permit multiple server sockets to have separate sets of trusted CAs
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
51473
|
|
Stan: formal APIs for client and server SSL session caches
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
55097
|
|
SMIMECapabilities does not check signature and key encipherment algs
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
59801
|
|
S/MIME toolkit fails when attempting to create signed-enveloped-message
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
69726
|
|
SSL connections seldom shut down cleanly
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
103736
|
|
NSS uses |char *| when it should use |const char*|
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
109971
|
|
Unix: sigaction calls in safe_popen and safe_pclose are potential problems in pthreads programs
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
126921
|
|
mismatches between C runtime library memory allocation functions and NSPR memory allocation functions
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
130735
|
|
The S/MIME libraries overflow the stack when creating a CMS Message
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
152205
|
|
Nagle issues in ssl_EmulateTransmitFile()
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
157639
|
|
CERT_GetCertNicknameWithValidity should care for revocation
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
157816
|
|
Memory footprint of ASN.1 decoder
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
165822
|
|
Use macros for platforms without memory mapped files
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
171969
|
|
certs may be left orphaned in softoken after failed trust import
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
174643
|
|
CERT_CreateCertificate truncates serial number to 32 bits
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
178893
|
|
Quick decoder updates - cmd
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
181570
|
|
Implement PKCS 11 mechanisms for ANSI X9.31
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
181574
|
|
Implement PKCS 11 mechanisms for ANSI X9.42 Diffie Hellman
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
189920
|
|
NSC_SIgn returns wrong error code for CKM_SHA1_RSA_PKCS
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
195842
|
|
Certificate verification could be optimized by reordering processing
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
198090
|
|
PK11SDR_Encrypt and PK11SDR_Decrypt hardcode 3DES - add support for AES
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2023-10-18
|
201143
|
|
Priority of errors in cert verification
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
202293
|
|
The Win32 gcc port of NSS should use x86 assembly code
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
202295
|
|
The Win32 gcc port of NSS should use --version-script when building the DLLs
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
203323
|
|
OCSP check does not use secondary OCSP servers
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
203705
|
|
more efficient handling of PKCS#11 attributes
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
205093
|
|
Fail-over from hardware token to softoken for SSL
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
208685
|
|
SSLSocket's fsync NPSR IO method throws an assertion and returns PR_FAILURE
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
210180
|
|
TCP Connection reset error on SSL client auth test
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
210709
|
|
CERT_FindCertByNameString doesn't find matching certs
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
211051
|
|
CERT_FindCertBySubjectKeyID fails to find matching cert
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
211655
|
|
NSS incorrectly DER-encodes SET-OF in cert DNs
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
213795
|
|
Add PK11 wrapper functions for AES Key Wrap algorithm
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
216123
|
|
support X500 name chaining [NIST PKITS tests 4.3.3 4.3.4 4.3.5 4.3.10 4.3.11 fail]
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
216695
|
|
SSL client auth fails if CA certificate is renewed in client but not in server
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
216727
|
|
need ability to poll on state of multiple tokens
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
216941
|
|
PK11_GetPQGParamsFromPrivateKey returns SECKEYPQGParams but the PK11_PQG_ functions operate on PQGParams.
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
217270
|
|
need helper functions for cert chains
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
219527
|
|
S/MIME profile time in database should be decoded
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
219654
|
|
tracking bug for Cert DB record format changes
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
220414
|
|
Need library function to test NSS DBs
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
226787
|
|
handling of implicit tagging in ASN.1 decoders
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
227329
|
|
GeneralizedTime decoder do not allow for leap seconds
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
234762
|
|
Improve PKCS#11 CRL interface
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
237077
|
|
legacy nicknames may contain ISO-Latin1 or UTF8 (should all be UTF8)
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
241081
|
|
Cleanup for mozilla/security/nss/lib/freebl/mpi/mpi_x86.s
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
241829
|
|
API changes for NSS 4.0
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
241832
|
|
NSS APIs that take error strings should be replaced
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
245941
|
|
CMMF code encodes and decodes bogus certs
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
245950
|
|
SSL_RevealURL uses PL_strdup but samples match it with PR_Free
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
261103
|
|
SECMOD_AddNewModule() returns a SECFailure NSS is init'd with NSS_NoDB_Init()
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
268526
|
|
two subsequent C_DigestFinal calls are made on the same session during SSL
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
271290
|
|
NSS should load an ABI compatible nssckbi
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
273862
|
|
On SSL Sockets, PR_Available should call SSL_DataPending
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
274993
|
|
allow optional disabling of re-login to token for SSL server
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
279845
|
|
NSS doesn't support anyExtendedKeyUsage EKU
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
281868
|
|
workaround inefficient reallocation of PL arenas
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
283665
|
|
Bad error mapping from PKCS11 to NSS error codes
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
285210
|
|
PORT_Memset in softoken shows up in performance profile
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
285525
|
|
Inefficiency in SSL model socket feature for servers
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
285538
|
|
PK11_GetBestSlot called repeatedly in SSL server code path
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
286635
|
|
Performance optimizations in libssl
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
288401
|
|
FIPS is broken in all command-line tools that use NSS static libraries
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
288661
|
|
when trying to use a cert from a smart card, and the smart card is not in the reader, we should put up a more useful error message
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
292112
|
|
Extend encode/decode capability to handle PRInt64 data types
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
292123
|
|
Expand NSS API to include cert_FindExtension
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
292166
|
|
Cache misses from SSL_GetStatistics are misleading
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
298649
|
|
SECITEM_ReallocItem leaks mem, doesn't set item length
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
298938
|
|
SECITEM_ReallocItem fails if newlen < oldlen and arena non-null
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
299291
|
|
NSS has 2 functions to fetch a cert from nickname which don't quite do all the required work.
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
300045
|
|
SSL client cache only works within a process
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
305019
|
|
crmf: CRMFPOPOSigningKeyInputTemplate does not match to underlying structure
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-12-12
|
305250
|
|
SECU_PrintAny incorrectly decodes BER indefinite-length data
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-12-12
|
308724
|
|
RSA key size limits are not uniformly applied in freebl and softoken
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-12-12
|
310499
|
|
crmftest does not check for NULL in it's argument passing
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
311577
|
|
PK11_InitPin sets slot->lastLoginCheck without holding a lock
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2023-11-06
|
327548
|
|
Possible changes to DSA domain parameter (PQG) generation
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-12-12
|
336829
|
|
NSS does not allow specifying a profile path containing characters outside of the system native codepage
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-17
|
337084
|
|
Coverity 466, dead code in mozilla/security/nss/lib/certhigh/certhigh.c
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
339269
|
|
TLS should only use the NIST-Recommended elliptic curves in the FIPS mode
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
339393
|
|
Five ANSI X9.62-1998 elliptic curves are disallowed in ANSI X9.62-2005.
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
339895
|
|
mpp_pprime does not pick the random number x with a uniform distribution
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
340044
|
|
Implement TLS server side of "fixed_ECDH" client auth methods
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-23
|
341004
|
|
NSS uses wrong error code to report invalid CRL or OCSP signature
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-12-12
|
347538
|
|
OCSP response "too old" check is hardcoded to 24 hours
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
348905
|
|
strsclnt segfault + selfserv HDX PR_Read Error
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
349572
|
|
support CKM_TLS_PRE_MASTER_KEY_GEN
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
349626
|
|
__CERT_NewTempCertificate calling wrong destroy function?
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
351588
|
|
TBird reference count leak detected in secmod_PrivateModuleCount
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-12-05
|
352589
|
|
modutil doesn't support SHA384
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
353884
|
|
NSS_RegisterShutdown does not set a return code upon failure
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2023-11-06
|
354609
|
|
Improper use of PR_CallOnce in loader.c
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2023-11-06
|
354613
|
|
non-NSPR applications will crash after unloading softoken and NSPR
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2023-11-06
|
355096
|
|
Make NSS comply with latest RFCs on DN Strings
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
356623
|
|
ssl needs finer grained error codes for server key derivation failures
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
357051
|
|
Implement GetHighResClock on Linux
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
378098
|
|
Do not expire OCSP responses that say "revoked"
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2023-11-06
|
388697
|
|
ECDHE SSL tests fail on UltraSparc with Studio 11 and -fsimple=2 option
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
388836
|
|
NSS's built-in OCSP client always uses IPv4, never IPv6
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
390184
|
|
signtool fails when nickname contains colon, reports no more directory entries
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
394020
|
|
Get rid of macros PKIX_PL_NSSCALLRV and PKIX_PL_NSSCALL
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-12-05
|
397830
|
|
PKIX: eliminate object locks
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-12-05
|
405155
|
|
add support for TLS-SRP, rfc5054
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
415196
|
|
SSL session resumption independent of IP addr/port
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
417589
|
|
dead code in pkix_pl_rwlock.c
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-12-05
|
422963
|
|
libpkix test failure: pkix unable to recognize SIA CA Repository method from attached cert
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-12-05
|
436811
|
|
RSA key gen should generate keys from the entire range of n-bit values
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2023-11-07
|
440018
|
|
Remove CKF_LIBRARY_CANT_CREATE_OS_THREADS
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2023-10-30
|
449087
|
|
PK11_PubWrapSymKey ignores mechanism type when no slot implements it, and uses another
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2023-11-07
|
462456
|
|
softoken should allow re-initialization in the child after the parent forked
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2023-11-07
|
473002
|
|
Client Authentication fails, when there are two active tokens with the same tokenName
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-12-05
|
477349
|
|
do not build and link unused libpkix sources
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-12-26
|
482882
|
|
All uses of MD2 algorithm should be disabled
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
485669
|
|
CERT_DecodeAuthKeyID reports bogus errors and misses other errors
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-12-05
|
504402
|
|
pkix_pl_OcspResponse_Create will crash with nbioContext if httpClient->version != 1
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-28
|
505900
|
|
cert_pkixSetParam doesn't use revDate
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-12-26
|
516074
|
|
PKIX_DEBUG should not be enabled by default in debug builds
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-12-26
|
561035
|
|
nssckbi should link to Mozilla CA approval documentation
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
576902
|
|
libssl: Avoid allocating buffers in ss->gs whenever possible
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
594297
|
|
softoken imports certs with same nickname but different subjects, corrupts DB
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2023-04-18
|
611836
|
|
Implement multiple OCSP stapling extension (rfc6961)
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2023-10-29
|
619181
|
|
PK11_DoPassword should zero the password returned by before freeing it.
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
649245
|
|
Ability to disable only client side re-negotiations
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
657237
|
|
Session tickets generated by libssl leak length of client certificate
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2023-11-06
|
663315
|
|
Start accepting SHA-2-based hashes for OCSP response matching (CertID.hashAlgorithm)
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-11-01
|
670462
|
|
PKCS #12 export does not let the calling application specify hash iteration count.
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2023-11-06
|
764646
|
|
Always initialize the SSL session cache locks lazily
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2023-02-20
|
786557
|
|
Undefined behavior caused by out-of-range shift in secmod_mkCipherFlags and secmod_mkSlotFlags
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2023-11-06
|
793099
|
|
crash in ssl_Poll | nsSSLIOLayerPoll
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2023-12-11
|
816488
|
|
bogus error code from NSS_Shutdown
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2023-11-06
|
919895
|
|
Crash in sec_pkcs12_convert_item_to_unicode
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-10
|
921687
|
|
softoken does not properly implement CKR_BUFFER_TOO_SMALL
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2024-01-26
|
936407
|
|
Firefox freezes when removing Gemalto smartcard
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
951781
|
|
libssl accesses the NSS certificate database during handshake, causing disk I/O to block network activity
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2023-11-06
|
973713
|
|
Need way for SSL server cipher preference to override client preference
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2023-11-06
|
1012786
|
|
PK11_GenerateKeyPair can intermittently fail even with a strong random source
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2023-11-06
|
1067760
|
|
Reading |rwlock->rw_owner| without lock in NSSRWLock_HaveWriteLock() might be not safe
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2023-11-06
|
1101547
|
|
loading multiple PKCS11 modules lead to hang
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1116881
|
|
DTLS doesn't properly handle loss of last flight
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2023-11-06
|
1139263
|
|
Disable RC4 cipher suites by default
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2023-11-06
|
1192442
|
|
CERT_ImportCerts is ignoring errors from CERT_AddTempCertToPerm
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1192443
|
|
CERT_MatchNickname doesn't compare the token name with the internal token
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1196821
|
|
Refactor out common code between ssl3_DeriveMasterSecret and tls_DeriveExtendedMasterSecret
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1198298
|
|
Check whether slots do TLS 1.2 and extended master secret key expansions
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1211476
|
|
Dereference of undefined pointer value in NSS_CMSDigestContext_FinishSingle()
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1211725
|
|
signed/unsigned comparisons in pk11akey.c
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1212199
|
|
Fix signed/unsigned comparisons in NSS
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1215700
|
|
Removing remaining warnings
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1220543
|
|
Don't hard code MAX_ECKEY_LEN
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1225123
|
|
memory leak in pk11mode
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2023-05-25
|
1225825
|
|
Move cmd/pk11gcmtest to external_tests/pk11_gtest/
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1227463
|
|
Unable to import p12 certificate into personal certificates
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1227517
|
|
Signature algorithm list and ordering
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1234527
|
|
Unused values in nss
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1239313
|
|
Support name comparison across string types in certificates
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1245244
|
|
Expose EC_ValidatePublicKey() to PKCS#11
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1245531
|
|
Disable deprecated curves (potentially only for TLS 1.3)
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2023-12-11
|
1245777
|
|
Expose EC_NewKeyFromSeed() to PKCS#11
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1247358
|
|
Implement a mechanism that enforces a minimum runtime version of NSS/NSPR, based on the version an application was built against
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1248293
|
|
TLS 1.3: Forbid non-empty session IDs
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1248320
|
|
Key wrapping does inadvisable things with keys
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1250021
|
|
Enforce correct record version number in ServerHello for TLS 1.3
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1251258
|
|
Out-of-bounds access (ARRAY_VS_SINGLETON) in chacha20_vec.c
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1252795
|
|
Collapse ssl3 union and struct for sslSessionIDStr and sidCacheEntryStr
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1253107
|
|
Legacy ASN.1 decoder should offer an option as to whether or not to zero internal memory
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1253848
|
|
DTLS never gives up
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1253911
|
|
[Meta] Clean up EC code
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1254513
|
|
Clean up suiteInfo[] in sslinfo.c
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1255014
|
|
CERT_DecodeCertPackage reads only a single certificate from supplied PEM data
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1255758
|
|
Merge SID-handling code in ssl_BeginClientHandshake() and ssl3_SendClientHello()
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1256137
|
|
Expose true cipher suite for resumption-PSK
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1256138
|
|
Cap lifetime of session tickets
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1258359
|
|
lg_FindTrustAttribute can't handle all trust attributes
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1259050
|
|
[meta] Clean up libmpi
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1259058
|
|
Use s_mp_setz() to fill the top digits with zeroes after shifting in s_mp_rshd()
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1259064
|
|
Consider reducing MP_DEFPREC to something lower than 64
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1261582
|
|
Provide a function for un-configuring a certificate
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|
1264007
|
|
NSS_PutEnv is thread-unsafe
|
NSS
|
Libraries
|
nobody
|
NEW
|
---
|
2022-10-11
|