You are currently viewing a snapshot of taken on April 21, 2008. Most of this content is highly out of date (some pages haven't been updated since the project began in 1998) and exists for historical purposes only. If there are any pages on this archive site that you think should be added back to, please file a bug.

NSS 3.9.2 Release Notes

June 2004




Network Security Services (NSS) 3.9.2 is a patch release for NSS 3.11. The bug fixes in NSS 3.9.2 are described in the "Bugs Fixed" section below.

Distribution Information

The CVS tag for the NSS 3.9.2 release is NSS_3_9_2_RTM.  NSS 3.9.2 requires NSPR 4.5.

See the Documentation section for the build instructions.

NSS 3.9.2 source and binary distributions are also available on for secure HTTPS download:

You also need to download the NSPR 4.5 binary distributions to get the NSPR 4.5 header files and shared libraries, which NSS 3.9.2 requires. NSPR 4.5 binary distributions are in

Bugs Fixed

The following bugs have been fixed in NSS 3.9.2.
  • Bug 202979: CERT_ImportCerts always returns SECSuccess
  • Bug 234058: Certificate name matching for non-FQDNs is insecure
  • Bug 237934: nss_InitLock not atomic
  • Bug 240784: FIPS mode does not work on OS/2
  • Bug 242984: workaround for incomplete NSPR I/O layer in lib/ssl
  • Bug 244095: several libraries need to be linked with -R $ORIGIN
  • Bug 244907: NSS needs to handle unprotected keys in tokens.
  • Bug 244914: NSS needs to provide applications access to application private objects.
  • Bug 244915: freebl doesn't build correctly on Solaris 10 Sparc
  • Bug 245518: NSS tools should have an rpath of /usr/lib/mps/secv1
  • Bug 245915: NSS should have a API to tell if NSS has been initialized or not
  • Bug 247406: secport.h has PORT_Strdup in C++ unsafe section


For a list of the primary NSS documentation pages on, see NSS Documentation.


NSS 3.9.2 shared libraries are backward compatible with all older NSS 3.x shared libraries. A program linked with older NSS 3.x shared libraries will work with NSS 3.9.2 shared libraries without recompiling or relinking.  Furthermore, applications that restrict their use of NSS APIs to the functions listed in NSS Public Functions will remain compatible with future versions of the NSS shared libraries.


Bugs discovered should be reported by filing a bug report with Bugzilla (product NSS).