You are currently viewing a snapshot of taken on April 21, 2008. Most of this content is highly out of date (some pages haven't been updated since the project began in 1998) and exists for historical purposes only. If there are any pages on this archive site that you think should be added back to, please file a bug.

NSS 3.9.3 Release Notes

October 2004




Network Security Services (NSS) 3.9.3 is a patch release for NSS 3.11. The bug fixes in NSS 3.9.3 are described in the "Bugs Fixed" section below.

Distribution Information

The CVS tag for the NSS 3.9.3 release is NSS_3_9_3_RTM.  NSS 3.9.3 requires NSPR 4.5.

See the Documentation section for the build instructions.

NSS 3.9.3 source and binary distributions are also available on for secure HTTPS download:

You also need to download the NSPR 4.5 binary distributions to get the NSPR 4.5 header files and shared libraries, which NSS 3.9.3 requires. NSPR 4.5 binary distributions are in

Bugs Fixed

The following bugs have been fixed in NSS 3.9.3.
  • Bug 242040: Add Unizeto Certum CA certificates to NSS
  • Bug 244982: Add ipsCA root certificates to NSS
  • Bug 248981: SECMOD_LoadPKCS11Module is not thread-safe
  • Bug 249488: root cert module requires locking functions in CK_C_INITIALIZE_ARGS
  • Bug 250687: NSS Crashes or leaks Cert references if bad certs are passed up by PKCS #11 modules.
  • Bug 252132: Add Comodo CA certs to NSS
  • Bug 252271: CERT_VerifyCert with param certUsageVerifyCA fails or asserts
  • Bug 252375: Add a VERSIONINFO resource to nssckbi.dll.
  • Bug 252702: NSS needs to handle better token insertion and removal.
  • Bug 254393: PK11_FindKeyByAnyCert always returns a key object even if there is no key
  • Bug 258779: libnss3 on Solaris needs additional rpath to /usr/lib/mps
  • Bug 259003: port NSS to Solaris AMD64
  • Bug 259229: TLS handshakes fail when server DHE params exceed NSS size limits
  • Bug 260882: cache->searchedObjectType[[] should always be cleared in clear_cache()
  • Bug 261333: New PK11_PubEncryptPKCS1 function always fails
  • Bug 261496: REGRESSION
  • Bug 262274: visibility of PK11_GetCertFromPrivateKey and CERT_DecodeDERCertificate
  • Bug 263799: crash in [[@ NSSRWLock_LockRead] closing Mozilla after open Master Password pref panel


For a list of the primary NSS documentation pages on, see NSS Documentation.


NSS 3.9.3 shared libraries are backward compatible with all older NSS 3.x shared libraries. A program linked with older NSS 3.x shared libraries will work with NSS 3.9.3 shared libraries without recompiling or relinking.  Furthermore, applications that restrict their use of NSS APIs to the functions listed in NSS Public Functions will remain compatible with future versions of the NSS shared libraries.


Bugs discovered should be reported by filing a bug report with Bugzilla (product NSS).