You are currently viewing a snapshot of taken on April 21, 2008. Most of this content is highly out of date (some pages haven't been updated since the project began in 1998) and exists for historical purposes only. If there are any pages on this archive site that you think should be added back to, please file a bug.

NSS 3.10.2 Release Notes

17 October 2005




Network Security Services (NSS) 3.10.2 is a patch release for NSS 3.11. The bug fixes in NSS 3.10.2 are described in the "Bugs Fixed" section below.

Distribution Information

The CVS tag for the NSS 3.10.2 release is NSS_3_10_2_RTM.  NSS 3.10.2 requires NSPR 4.5.2.

See the Documentation section for the build instructions.

NSS 3.10.2 source and binary distributions are also available on for secure HTTPS download:

You also need to download the NSPR 4.5.2 binary distributions to get the NSPR 4.5.2 header files and shared libraries, which NSS 3.10.2 requires. NSPR 4.5.2 binary distributions are in

Bugs Fixed

The following bugs have been fixed in NSS 3.10.2.
  • Bug 191470: Multipart CKM_DSA_SHA1 signing broken if given large buffer
  • Bug 244922: ASN.1 encoder outputs trash for optional may-stream subtemplate
  • Bug 265369: compiler warning in unix_rand
  • Bug 274984: libsoftokn3 fails to load libfreebl in setuid programs
  • Bug 291858: Some NSS mechanism numbers don't match the PKCS11 spec
  • Bug 294071: secport.h comment confusion
  • Bug 294333: NSS fails to build with cygwin on Windows ME (MSVC6 SP5)
  • Bug 295298: RSA key size limits are not applied to key pair generation in freebl
  • Bug 295754: PK11_ListCertsInSlot crashes in subject_list_sort on a cert with unsupported critical extension
  • Bug 296410: NSS 3.9.3 not support SHA-512
  • Bug 297015: bltest should run multithreaded
  • Bug 297826: Create .map files for security DLLs
  • Bug 298409: MSVC debug runtime library assertion failures in crlutil
  • Bug 298532: NSS support for Mac 10.4u (universal) SDK
  • Bug 298537: softoken PKCS#11 version is incorrect
  • Bug 298538: S/MIME message verification fails if cert is signing-only
  • Bug 298957: PK11_TokenKeyGen should add CKA_UNWRAP and CKA_WRAP attributes to object template
  • Bug 299197: Need CKA_EXTRACTABLE for PK11_GenerateKeyPair
  • Bug 301554: SSL/TLS Client Authentication with 3rd party PKCS#11 module failes in case there is an unrecognized token in addition to the token that ought to be used.
  • Bug 303494: SEC_LookupCrls(..
  • Bug 308727: NSS tries to call C_WaitForSlotEvent on PKCS#11 2.0 modules
  • Bug 308887: CRMF request generation problem when using latest firefox


For a list of the primary NSS documentation pages on, see NSS Documentation.


NSS 3.10.2 shared libraries are backward compatible with all older NSS 3.x shared libraries. A program linked with older NSS 3.x shared libraries will work with NSS 3.10.2 shared libraries without recompiling or relinking.  Furthermore, applications that restrict their use of NSS APIs to the functions listed in NSS Public Functions will remain compatible with future versions of the NSS shared libraries.


Bugs discovered should be reported by filing a bug report with Bugzilla (product NSS).