NSS 3.11.6 Release Notes
14 February 2007
IntroductionNetwork Security Services (NSS) 3.11.6 is a patch release for NSS 3.11. The bug fixes in NSS 3.11.6 are described in the "Bugs Fixed" section below.
Distribution InformationThe CVS tag for the NSS 3.11.6 release is NSS_3_11_6_RTM. NSS 3.11.6 requires NSPR 4.6.6.
See the Documentation section for the build instructions.
NSS 3.11.6 source and binary distributions are also available on ftp.mozilla.org for secure HTTPS download:
- Source tarballs: https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_11_6_RTM/src/.
- Binary distributions: https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_11_6_RTM/. Both debug and optimized builds are provided. Go to the subdirectory for your platform, DBG (debug) or OPT (optimized), to get the tar.gz or zip file. The tar.gz or zip file expands to an nss-3.11.6 directory containing three subdirectories:
- include - NSS header files
- lib - NSS shared libraries
- bin - NSS Tools and test programs
Bugs FixedThe following bugs have been fixed in NSS 3.11.6.
- Bug 58507: OCSP requires the CA to have extendedKeyUsage extensions
- Bug 337519: Certutil/blapitest usage mentions unimplemented curves
- Bug 342461: verify signature on an OCSP response without intermediate decoding and encoding
- Bug 348882: addbuiltin command ignores c trust arg (and probably others)
- Bug 363476: vfyserv needs OCSP option
- Bug 364684: NSS crashes when slot's session handle counter overflows
- Bug 366803: Improve SSL tracing