Bug 1779398 - land NSS NSS_3_81_RTM UPGRADE_NSS_RELEASE, r=nss-reviewers,nkulatova DONTBUILD

Differential Revision: https://phabricator.services.mozilla.com/D152398

security/nss/TAG-INFO

@@ -1 +1 @@
-164849c15197
+NSS_3_81_RTM

security/nss/coreconf/coreconf.dep

@@ -10,4 +10,3 @@
  */
 
 #error "Do not include this header file."
-

security/nss/doc/rst/releases/index.rst

@@ -8,6 +8,7 @@ Releases
    :glob:
    :hidden:
 
+   nss_3_81.rst
    nss_3_80.rst
    nss_3_79.rst
    nss_3_78_1.rst
@@ -37,8 +38,8 @@ Releases
 
 .. note::
 
-   **NSS 3.80** is the latest version of NSS.
-   Complete release notes are available here: :ref:`mozilla_projects_nss_nss_3_80_release_notes`
+   **NSS 3.81** is the latest version of NSS.
+   Complete release notes are available here: :ref:`mozilla_projects_nss_nss_3_81_release_notes`
 
    **NSS 3.79** is the latest ESR version of NSS.
    Complete release notes are available here: :ref:`mozilla_projects_nss_nss_3_79_release_notes`
@@ -46,24 +47,11 @@ Releases
 
 .. container::
 
-   Changes in 3.80 included in this release:
+   Changes in 3.81 included in this release:
+
+   - Bug 1762831: Enable aarch64 hardware crypto support on OpenBSD.
+   - Bug 1775359 - make NSS_SecureMemcmp 0/1 valued.
+   - Bug 1779285: Add no_application_protocol alert handler and test client error code is set.
+   - Bug 1777672 - Gracefully handle null nickname in CERT_GetCertNicknameWithValidity.
 
-   - Bug 1774720 - Fix SEC_ERROR_ALGORITHM_MISMATCH entry in SECerrs.h.
-   - Bug 1617956 - Add support for asynchronous client auth hooks.
-   - Bug 1497537 - nss-policy-check: make unknown keyword check optional.
-   - Bug 1765383 - GatherBuffer: Reduced plaintext buffer allocations by allocating it on initialization. Replaced redundant code with assert. Debug builds: Added buffer freeing/allocation for each record.
-   - Bug 1773022 - Mark 3.79 as an ESR release.
-   - Bug 1764206 - Bump nssckbi version number for June.
-   - Bug 1759815 - Remove Hellenic Academic 2011 Root.
-   - Bug 1770267 - Add E-Tugra Roots.
-   - Bug 1768970 - Add Certainly Roots.
-   - Bug 1764392 - Add DigitCert Roots.
-   - Bug 1759794 - Protect SFTKSlot needLogin with slotLock.
-   - Bug 1366464 - Compare signature and signatureAlgorithm fields in legacy certificate verifier.
-   - Bug 1771497 - Uninitialized value in cert_VerifyCertChainOld.
-   - Bug 1771495 - Unchecked return code in sec_DecodeSigAlg.
-   - Bug 1771498 - Uninitialized value in cert_ComputeCertType.
-   - Bug 1760998 - Avoid data race on primary password change.
-   - Bug 1769063 - Replace ppc64 dcbzl intrinisic.
-   - Bug 1771036 - Allow LDFLAGS override in makefile builds.
 

security/nss/doc/rst/releases/nss_3_81.rst

@@ -0,0 +1,60 @@
+.. _mozilla_projects_nss_nss_3_81_release_notes:
+
+NSS 3.81 release notes
+======================
+
+`Introduction <#introduction>`__
+--------------------------------
+
+.. container::
+
+   Network Security Services (NSS) 3.81 was released on **21 July 2022**.
+
+
+.. _distribution_information:
+
+`Distribution Information <#distribution_information>`__
+--------------------------------------------------------
+
+.. container::
+
+   The HG tag is NSS_3_81_RTM. NSS 3.81 requires NSPR 4.34 or newer.
+
+   NSS 3.81 source distributions are available on ftp.mozilla.org for secure HTTPS download:
+
+   -  Source tarballs:
+      https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_81_RTM/src/
+
+   Other releases are available :ref:`mozilla_projects_nss_releases`.
+
+.. _changes_in_nss_3.81:
+
+`Changes in NSS 3.81 <#changes_in_nss_3.81>`__
+----------------------------------------------------
+
+.. container::
+
+   - Bug 1762831: Enable aarch64 hardware crypto support on OpenBSD.
+   - Bug 1775359 - make NSS_SecureMemcmp 0/1 valued.
+   - Bug 1779285: Add no_application_protocol alert handler and test client error code is set.
+   - Bug 1777672 - Gracefully handle null nickname in CERT_GetCertNicknameWithValidity.
+
+`Compatibility <#compatibility>`__
+----------------------------------
+
+.. container::
+
+   NSS 3.81 shared libraries are backwards-compatible with all older NSS 3.x shared
+   libraries. A program linked with older NSS 3.x shared libraries will work with
+   this new version of the shared libraries without recompiling or
+   relinking. Furthermore, applications that restrict their use of NSS APIs to the
+   functions listed in NSS Public Functions will remain compatible with future
+   versions of the NSS shared libraries.
+
+`Feedback <#feedback>`__
+------------------------
+
+.. container::
+
+   Bugs discovered should be reported by filing a bug report on
+   `bugzilla.mozilla.org <https://bugzilla.mozilla.org/enter_bug.cgi?product=NSS>`__ (product NSS).

security/nss/lib/nss/nss.h

@@ -22,12 +22,12 @@
  * The format of the version string should be
  *     "<major version>.<minor version>[.<patch level>[.<build number>]][ <ECC>][ <Beta>]"
  */
-#define NSS_VERSION "3.81" _NSS_CUSTOMIZED " Beta"
+#define NSS_VERSION "3.81" _NSS_CUSTOMIZED
 #define NSS_VMAJOR 3
 #define NSS_VMINOR 81
 #define NSS_VPATCH 0
 #define NSS_VBUILD 0
-#define NSS_BETA PR_TRUE
+#define NSS_BETA PR_FALSE
 
 #ifndef RC_INVOKED
 

security/nss/lib/softoken/softkver.h

@@ -17,11 +17,11 @@
  * The format of the version string should be
  *     "<major version>.<minor version>[.<patch level>[.<build number>]][ <ECC>][ <Beta>]"
  */
-#define SOFTOKEN_VERSION "3.81" SOFTOKEN_ECC_STRING " Beta"
+#define SOFTOKEN_VERSION "3.81" SOFTOKEN_ECC_STRING
 #define SOFTOKEN_VMAJOR 3
 #define SOFTOKEN_VMINOR 81
 #define SOFTOKEN_VPATCH 0
 #define SOFTOKEN_VBUILD 0
-#define SOFTOKEN_BETA PR_TRUE
+#define SOFTOKEN_BETA PR_FALSE
 
 #endif /* _SOFTKVER_H_ */

security/nss/lib/util/nssutil.h

@@ -19,12 +19,12 @@
  * The format of the version string should be
  *     "<major version>.<minor version>[.<patch level>[.<build number>]][ <Beta>]"
  */
-#define NSSUTIL_VERSION "3.81 Beta"
+#define NSSUTIL_VERSION "3.81"
 #define NSSUTIL_VMAJOR 3
 #define NSSUTIL_VMINOR 81
 #define NSSUTIL_VPATCH 0
 #define NSSUTIL_VBUILD 0
-#define NSSUTIL_BETA PR_TRUE
+#define NSSUTIL_BETA PR_FALSE
 
 SEC_BEGIN_PROTOS