- Mozilla Bugzilla #1352476 - RFE: Document on the README how to create a
release tag (mharmsen)
- Mozilla Bugzilla #1355358 - CryptoStore: add methods for importing and
exporting EncryptedPrivateKeyInfo (ftweedal)
- Mozilla Bugzilla #1359731 - CryptoStore.importPrivateKey enhancements
(ftweedal)
- Mozilla Bugzilla #1355268 - JSS 4.4 is incompatible with versions of
idm-console-framework < 1.1.17-4
- Red Hat Bugzilla #1435076 - Remove unused legacy lines from JSS spec files
- Bugzilla Bug #1431937 - Rebase jss to 4.4.0 in Fedora 25+
- ## JSS 4.4.0 includes the following patches ported from downstream:
- Mozilla Bugzilla #507536 - Add IPv6 functionality to JSS
- Mozilla Bugzilla #1307872 - Expose NSS calls for OCSP settings
- Mozilla Bugzilla #1307882 - RFE ecc - add ecc curve name support in JSS an
CS interface
- Mozilla Bugzilla #1307993 - Expose updated certificate verification functi
in JSS
- Mozilla Bugzilla #1308000 - Incorrect socket accept error message due to b
pointer arithmetic
- Mozilla Bugzilla #1308001 - Verification should fail when a revoked
certificate is added
- Mozilla Bugzilla #1308004 - Warnings should be cleaned up in JSS build
- Mozilla Bugzilla #1308006 - DRM failed to recovery keys when in FIPS mode
(HSM + NSS)
- Mozilla Bugzilla #1308008 - Defects revealed by Coverity scan
- Mozilla Bugzilla #1308009 - Add support for PKCS5v2; support for secure PK
- Mozilla Bugzilla #1308012 - DRM: during archiving and recovering, wrapping
unwrapping keys should be done in the token
- Mozilla Bugzilla #1308013 - JSS - HSM token name was mistaken for
manufacturer identifier
- Mozilla Bugzilla #1308017 - Un-deprecate previously deprecated methods in
JSS 4.2.6
- Mozilla Bugzilla #1308019 - Provide Tomcat support for TLS v1.1 and
TLS v1.2 via NSS through JSS
- Mozilla Bugzilla #1308026 - JSS certificate validation does not pass up ex
error from NSS
- Mozilla Bugzilla #1308027 - Merge pki-symkey into jss
- Mozilla Bugzilla #1308029 - Resolve Javadoc build issues
- Mozilla Bugzilla #1308047 - support ECC encryption key archival and recove
- Mozilla Bugzilla #1313122 - Remove bypass tests as latest NSS has removed
PKCS#11 bypass support
- Mozilla Bugzilla #1328675 - Simple problem unwrapping AES sym keys on toke
- Mozilla Bugzilla #1345174 - Cannot create system certs when using LunaSA H
in FIPS Mode and ECC algorithms
- Mozilla Bugzilla #1345613 - expose AES KeyWrap and add some useful OID
functions
- Mozilla Bugzilla #1346410 - Load JSS libraries appropriately
- ## JSS 4.4.0 includes the following changes for building and testing:
- Mozilla Bugzilla #1331765 - Simplify JSS Makefile build and test
- Mozilla Bugzilla #1346420 - Document steps required to use the proper
libjss4.so when running certain HMAC Algorithms tests
* Bugzilla Bug #1040640 - Incorrect OIDs for SHA2 algorithms
(cfu for jnimeh@gmail.com)
* Bugzilla Bug #1133718 - Key strength validation is not performed for RC4
algorithm (nkinder)
* Bugzilla Bug #816396 - Provide Tomcat support for TLS v1.1 and
TLS v1.2 via NSS through JSS (cfu)
unwrapping keys should be done in the token
support for PKCS5v2; support for secure PKCS12
Bugzilla Bug #744797 - KRA key recovery (retrieve pkcs#12) fails after the
in-place upgrade( CS 8.0->8.1)
Incorrect socket accept error message due to bad pointer arithmetic
- bug 661142 - <cfu@redhat.com>
Verification should fail when a revoked certificate is added
