NSS 3.12.10 release notes

  • Revision slug: NSS_3.12.10_release_notes
  • Revision title: NSS 3.12.10 release notes
  • Revision id: 68045
  • Created:
  • Creator: emaldona@redhat.com
  • Is current revision? No
  • Comment 4778 words added

Revision Content

<center>2010-09-23</center> <center><em><font size="-1">Newsgroup: <a class=" link-news" rel="external" href="news://news.mozilla.org/mozilla.dev.tech.crypto" title="news://news.mozilla.org/mozilla.dev.tech.crypto" target="_blank">mozilla.dev.tech.crypto</a></font></em></center>
<p><a name="Introduction"></a></p>
<div id="section_1"><span id="Introduction"></span><h1 class="editable">Introduction</h1>
<p>Network Security Services (NSS) 3.12.10 is a patch release for NSS 3.12. The bug fixes in NSS 3.12.10 are described in the "<a href="#bugsfixed">Bugs Fixed</a>" section below.</p>
<p>NSS 3.12.10 is tri-licensed under the MPL 1.1/GPL 2.0/LGPL 2.1. <a name="distribution"></a></p>
</div><div id="section_2"><span id="Distribution_Information"></span><h1 class="editable">Distribution Information</h1>
<p>The CVS tag for the NSS 3.12.10 release is <code>NSS_3.12.10_RTM</code>.&nbsp; NSS 3.12.10 requires <a class=" external" rel="external" href="http://www.mozilla.org/projects/nspr...s/nspr486.html" title="http://www.mozilla.org/projects/nspr...s/nspr486.html" target="_blank">NSPR 4.8.8</a>.<br>
<br>
See the <a href="#docs">Documentation</a> section for the build instructions.</p>
<p>NSS 3.12.10 source distribution is also available on <code>ftp.mozilla.org</code> for secure HTTPS download:</p>
<ul> <li>Source tarballs: <a class=" link-https" rel="external" href="https://ftp.mozilla.org/pub/mozilla....12.10_RTM/src/" title="https://ftp.mozilla.org/pub/mozilla....12.10_RTM/src/" target="_blank">https://ftp.mozilla.org/pub/mozilla....12.10_RTM/src/</a>.</li>
</ul>
<p>You also need to download the NSPR 4.8.8 binary distributions to get
the NSPR 4.8.8 header files and shared libraries, which NSS 3.12.10
requires. NSPR 4.8.8 binary distributions are in <a class=" link-https" rel="external" href="https://ftp.mozilla.org/pub/mozilla....leases/v4.8.8/" title="https://ftp.mozilla.org/pub/mozilla....leases/v4.8.8/" target="_blank">https://ftp.mozilla.org/pub/mozilla....leases/v4.8.8/</a>.<br>
<a name="new"></a></p>
</div><div id="section_3"><span id="New_in_NSS_3.12.10"></span><h1 class="editable">New in NSS 3.12.10</h1>
<div id="section_4"><span id="Browser_Wildcard_Certificate_Validation_Issue_(CVE-2010-3170)"></span><h3 class="editable"><span>Browser Wildcard Certificate Validation Issue (CVE-2010-3170)</span><div class="editIcon"><a title="Edit section" href="https://developer.mozilla.org/en/NSS_3.12.10_release_notes?action=edit&amp;sectionId=4"><span class="icon"><img alt="Edit section" class="sectionedit" src="NSS_3.12.10_release_notes_files/icon-trans.gif"></span></a></div></h3>
<ul> This vulnerability is fixed in NSS 3.12.10.<br> See the <a class=" external" rel="external" href="http://www.westpoint.ltd.uk/advisories/wp-10-0001.txt" title="http://www.westpoint.ltd.uk/advisories/wp-10-0001.txt" target="_blank">Westpoint Security Advisory</a> for details on this vulnerability. </ul> </div><div id="section_5"><span id="Removed_functions"></span><h3 class="editable"><span>Removed functions</span><div class="editIcon"><a title="Edit section" href="https://developer.mozilla.org/en/NSS_3.12.10_release_notes?action=edit&amp;sectionId=5"><span class="icon"><img alt="Edit section" class="sectionedit" src="NSS_3.12.10_release_notes_files/icon-trans.gif"></span></a></div></h3> <ul> <em>in jar.h</em> <ul> <li>JAR_cert_attribute</li> </ul> </ul> </div><div id="section_6"><span id="New_SSL_options"></span><h3 class="editable"><span>New SSL options</span><div class="editIcon"><a title="Edit section" href="https://developer.mozilla.org/en/NSS_3.12.10_release_notes?action=edit&amp;sectionId=6"><span class="icon"><img alt="Edit section" class="sectionedit" src="NSS_3.12.10_release_notes_files/icon-trans.gif"></span></a></div></h3> <ul> <em>in ssl.h</em> <ul> <li>SSL_ENABLE_FALSE_START: Enable SSL false start (off by default, applies only to clients).</li> </ul> </ul> </div><div id="section_7"><span id="New_error_codes"></span><h3 class="editable"><span>New error codes</span><div class="editIcon"><a title="Edit section" href="https://developer.mozilla.org/en/NSS_3.12.10_release_notes?action=edit&amp;sectionId=7"><span class="icon"><img alt="Edit section" class="sectionedit" src="NSS_3.12.10_release_notes_files/icon-trans.gif"></span></a></div></h3> <ul> <em>in sslerr.h</em> <ul> <li>SSL_ERROR_WEAK_SERVER_EPHEMERAL_DH_KEY</li> </ul> </ul> <p><a name="bugsfixed"></a></p> </div></div><div id="section_8"><span id="Bugs_Fixed"></span><h1 class="editable">Bugs Fixed</h1> <p>The following bugs have been fixed in NSS 3.12.10.</p>
<ul>
<li><a class=" link-https" rel="external" href="https://bugzilla.mozilla.org/show_bug.cgi?id=642815" title="https://bugzilla.mozilla.org/show_bug.cgi?id=642815" target="_blank">Bug 642815</a>: Deal with bogus certs issued by Comodo partner - NSS level fix</li>
<li><a class=" link-https" rel="external" href="https://bugzilla.mozilla.org/show_bug.cgi?id=650272" title="https://bugzilla.mozilla.org/show_bug.cgi?id=650272" target="_blank">Bug 650272</a>: seckey functions call memset with sizeof(pointer) instead of sizeof(*pointer)</li>
<li><a class=" link-https" rel="external" href="https://bugzilla.mozilla.org/show_bug.cgi?id=629839" title="https://bugzilla.mozilla.org/show_bug.cgi?id=629839" target="_blank">Bug 629839</a>: compiler version detection in security/coreconf/Darwin.mk fails for clang</li>
<li><a class=" link-https" rel="external" href="https://bugzilla.mozilla.org/show_bug.cgi?id=527508" title="https://bugzilla.mozilla.org/show_bug.cgi?id=527508" target="_blank">Bug 527508</a>: libpkix: need to check crl issuer key usages before downloading a crl using CRLDP</li>
<li><a class=" link-https" rel="external" href="https://bugzilla.mozilla.org/show_bug.cgi?id=642129" title="https://bugzilla.mozilla.org/show_bug.cgi?id=642129" target="_blank">Bug 642129</a>: March 2011 batch of NSS root changes</li>
<li><a class=" link-https" rel="external" href="https://bugzilla.mozilla.org/show_bug.cgi?id=584224" title="https://bugzilla.mozilla.org/show_bug.cgi?id=584224" target="_blank">Bug 584224</a>: CMS does not allow content types other than S/MIME</li>  
<li><a class=" link-https" rel="external" href="https://bugzilla.mozilla.org/show_bug.cgi?id=630589" title="https://bugzilla.mozilla.org/show_bug.cgi?id=630589" target="_blank">Bug 630589</a>: Improve certutil help output, introduce overview and help sections</li>
<li><a class=" link-https" rel="external" href="https://bugzilla.mozilla.org/show_bug.cgi?id=647902" title="https://bugzilla.mozilla.org/show_bug.cgi?id=647902" target="_blank">Bug 647902</a>: Add general purpose allocation code for CERT_PKIXVerifyCert</li>
<li><a class=" link-https" rel="external"
href="https://bugzilla.mozilla.org/show_bug.cgi?id=622719" title="https://bugzilla.mozilla.org/show_bug.cgi?id=622719"
target="_blank">Bug 622719</a>: Remove legacy root certificates from NSS</li>
<li><a class=" link-https" rel="external" href="https://bugzilla.mozilla.org/show_bug.cgi?id=595988" title="https://bugzilla.mozilla.org/show_bug.cgi?id=595988" target="_blank">Bug 595988</a>: NSS trusts CAs it shouldn't (trusts system db over user db)</li>
<li><a class=" link-https" rel="external" href="https://bugzilla.mozilla.org/show_bug.cgi?id=625675" title="https://bugzilla.mozilla.org/show_bug.cgi?id=625675" target="_blank">Bug 625675</a>: trust flags are not being deleted when we delete the associated certificate</li>
<li><a class=" link-https" rel="external" href="https://bugzilla.mozilla.org/show_bug.cgi?id=616757" title="https://bugzilla.mozilla.org/show_bug.cgi?id=616757" target="_blank">Bug 616757</a>: When using non-RSA key exchange and renegotiating, NSS will always send a client certificate if the first handshake requested one, but subsequent renegotiation handshakes did not</li>
<li><a class=" link-https" rel="external" href="https://bugzilla.mozilla.org/show_bug.cgi?id=633039" title="https://bugzilla.mozilla.org/show_bug.cgi?id=633039" target="_blank">Bug 633039</a>: pkix_pl_Socket_Poll unintentionally overwrites socket status (operator= used instead of operator==)</li>
<li><a class=" link-https" rel="external" href="https://bugzilla.mozilla.org/show_bug.cgi?id=639789" title="https://bugzilla.mozilla.org/show_bug.cgi?id=639789" target="_blank">Bug 639789</a>: Possible minor memory leak in SNI code</li>
<li><a class=" link-https" rel="external" href="https://bugzilla.mozilla.org/show_bug.cgi?id=631986" title="https://bugzilla.mozilla.org/show_bug.cgi?id=631986" target="_blank">Bug 631986</a>: SSL_ReconfigFD tries to access elements of a null pointer.</li>
<li><a class=" link-https" rel="external" href="https://bugzilla.mozilla.org/show_bug.cgi?id=629299" title="https://bugzilla.mozilla.org/show_bug.cgi?id=629299" target="_blank">Bug 629299</a>: core dump when tls session tickets are enabled and session cache is disabled</li>
<li><a class=" link-https" rel="external" href="https://bugzilla.mozilla.org/show_bug.cgi?id=644440" title="https://bugzilla.mozilla.org/show_bug.cgi?id=644440" target="_blank">Bug 644440</a>: request add a new feature for SDP native support</li>
<li><a class=" link-https" rel="external" href="https://bugzilla.mozilla.org/show_bug.cgi?id=599831" title="https://bugzilla.mozilla.org/show_bug.cgi?id=599831" target="_blank">Bug 599831</a>: scalability limited on 4-socket Westmere by hot lock for RSA blinding params list</li>
<li><a class=" link-https" rel="external"
href="https://bugzilla.mozilla.org/show_bug.cgi?id=635778" title="https://bugzilla.mozilla.org/show_bug.cgi?id=635778" target="_blank">Bug 635778</a>: Need an API to pass user defined cert chain when SSL socket is set up</li>
<li><a class=" link-https" rel="external" href="https://bugzilla.mozilla.org/show_bug.cgi?id=596842" title="https://bugzilla.mozilla.org/show_bug.cgi?id=596842" target="_blank">Bug 596842</a>: pkix_pl_InfoAccess_ParseLocation should replace "%" hex hex escape sequences before calling pkix_pl_InfoAccess_ParseTokens.</li>
<li><a class=" link-https" rel="external" href="https://bugzilla.mozilla.org/show_bug.cgi?id=633002" title="https://bugzilla.mozilla.org/show_bug.cgi?id=633002" target="_blank">Bug 633002</a>: SECKEY_ImportDERPublicKey causes memory leaks</li>
<li><a class=" link-https" rel="external" href="https://bugzilla.mozilla.org/show_bug.cgi?id=645460" title="https://bugzilla.mozilla.org/show_bug.cgi?id=645460" target="_blank">Bug 645460</a>: Default to 32-bit NSS builds on OS X 10.6 (Snow Leopard) and later, too</li>
<li><a class=" link-https" rel="external" href="https://bugzilla.mozilla.org/show_bug.cgi?id=638821" title="https://bugzilla.mozilla.org/show_bug.cgi?id=638821" target="_blank">Bug 638821</a>: Possible lock order inconsistency (potential deadlock) in SSL machinery</li>
<li><a class=" link-https" rel="external" href="https://bugzilla.mozilla.org/show_bug.cgi?id=597618" title="https://bugzilla.mozilla.org/show_bug.cgi?id=597618" target="_blank">Bug </a>workaround: short-curcuit infinite loop in pkix_BuildForwardDepthFirstSearch when verifying the https://etime1.jt3.com/ server certificate with AIA certificate fetch enabled</li>
<li><a class=" link-https" rel="external" href="https://bugzilla.mozilla.org/show_bug.cgi?id=628378" title="https://bugzilla.mozilla.org/show_bug.cgi?id=628378" target="_blank">Bug 628378</a>: Please drop [] around the expressions in .size assembler directives</li>
<li><a class=" link-https" rel="external" href="https://bugzilla.mozilla.org/show_bug.cgi?id=597624" title="https://bugzilla.mozilla.org/show_bug.cgi?id=597624" target="_blank">Bug 597624</a>: pp -t certificate should identify and indent the DistributionPoints in the CRL distribution points extension</li>
<li><a class=" link-https" rel="external" href="https://bugzilla.mozilla.org/show_bug.cgi?id=634490" title="https://bugzilla.mozilla.org/show_bug.cgi?id=634490" target="_blank">Bug 634490</a>: nss_clean_all fails in Windows 7 without administrator privileges</li>
<li><a class=" link-https" rel="external" href="https://bugzilla.mozilla.org/show_bug.cgi?id=559510" title="https://bugzilla.mozilla.org/show_bug.cgi?id=559510" target="_blank">Bug 559510</a>: Bad scalability caused by contention for random number generator</li>
<li><a class=" link-https" rel="external" href="https://bugzilla.mozilla.org/show_bug.cgi?id=572289" title="https://bugzilla.mozilla.org/show_bug.cgi?id=572289" target="_blank">Bug 572289</a>: SEC_ASN1EncodeInteger cannot correctly encode some integer values</li>
<li><a class=" link-https" rel="external" href="https://bugzilla.mozilla.org/show_bug.cgi?id=646610" title="https://bugzilla.mozilla.org/show_bug.cgi?id=646610" target="_blank">Bug 646610</a>: Remove obsolete comment from security/nss/lib/freebl/sha512.c</li>
<li><a class=" link-https" rel="external" href="https://bugzilla.mozilla.org/show_bug.cgi?id=559508" title="https://bugzilla.mozilla.org/show_bug.cgi?id=559508" target="_blank">Bug 559508</a>: Bad scalability on 4-socket Nehalem caused by unused counters</li>
<li><a class=" link-https" rel="external" href="https://bugzilla.mozilla.org/show_bug.cgi?id=625491" title="https://bugzilla.mozilla.org/show_bug.cgi?id=625491" target="_blank">Bug 625491</a>: PKCS #11 logger should print CK_ULONG attributes as an integer</li>
<li><a class=" link-https" rel="external" href="https://bugzilla.mozilla.org/show_bug.cgi?id=640125" title="https://bugzilla.mozilla.org/show_bug.cgi?id=640125" target="_blank">Bug 640125</a>: SSL_CanBypass has minor memory leaks</li>
</ul> <p><a name="docs"></a></p>
</div><div id="section_9"><span id="Documentation"></span><h1 class="editable">Documentation</h1> <p>For a list of the primary NSS documentation pages on mozilla.org, see <a rel="internal" href="https://developer.mozilla.org/en/index.html#Documentation" class="new " title="en/index.html#Documentation">NSS Documentation</a>. New and revised documents available since the release of NSS 3.11 include the following:</p> <ul> <li><a rel="internal" href="https://developer.mozilla.org/en/nss-3.11.4/nss-3.11.4-build.html" class="new " title="en/nss-3.11.4/nss-3.11.4-build.html">Build Instructions for NSS 3.11.4 and above</a>
</li>
<li><a class=" external" rel="external" href="http://wiki.mozilla.org/NSS_Shared_DB" title="http://wiki.mozilla.org/NSS_Shared_DB" target="_blank">NSS Shared DB</a></li> </ul> <p><a name="compatibility"></a></p> </div><div id="section_10"><span id="Compatibility"></span><h1 class="editable">Compatibility</h1> <p>NSS
 3.12.10 shared libraries are backward compatible with all older NSS 3.x
shared libraries. A program linked with older NSS 3.x shared libraries
will work with NSS 3.12.10 shared libraries without recompiling or
relinking.&nbsp; Furthermore, applications that restrict their use of
NSS APIs to the functions listed in <a rel="internal" href="https://developer.mozilla.org/en/ref/nssfunctions.html" class="new " title="en/ref/nssfunctions.html">NSS Public Functions</a> will remain compatible with future versions of the NSS shared libraries. <a name="feedback"></a></p> </div><div id="section_11"><span id="Feedback"></span><h1 class="editable">Feedback</h1> <p>Bugs discovered should be reported by filing a bug report with <a class=" link-https" rel="external" href="https://bugzilla.mozilla.org/" title="https://bugzilla.mozilla.org/" target="_blank">mozilla.org Bugzilla</a> (product NSS).</p></div></div></div>
            <section class="page-meta">
                  <section id="page-tags">
            <h2>Tags <span class="sub">(1)</span></h2>
              <a href="https://developer.mozilla.org/index.php?title=Special:Tags&amp;pageId=62067" id="deki-page-tags-toggleview">Edit tags</a>              <div id="deki-page-tags"><ul class="tags"><li><a href="https://developer.mozilla.org/Special:Tags?tag=NSS" title="NSS" tagid="73" class="text">NSS</a></li></ul></div>          </section>
        
                  <section id="page-files">
            <h2>Attachments <span class="sub">(0)</span></h2>
            <div id="pageFiles"><div class="nofiles">&nbsp;</div></div>            <div id="deki-image-gallery-lite"><table class="table empty" width="100%" border="0" cellpadding="0" cellspacing="0"><colgroup><col width="33%"><col width="33%"><col width="33%"></colgroup><tbody><tr class="bg1"><th class="col1" colspan="3">Images 0</th></tr><tr class="bg2"><td class="col1 empty" colspan="3">No images to display in the gallery.</td></tr></tbody></table></div>            <p class="add">    <a href="#" onclick="return doPopupAttach(62067);" title="Attach file">Attach file</a>
</p>
          </section>
        
                        
        </section>
        </div>

    </article>

    <p class="last-mod hideforedit">
      Page last modified <a href="https://developer.mozilla.org/index.php?title=en/NSS_3.12.10_release_notes&amp;action=history" title="18:14, 8 Oct 2010">18:14, 8 Oct 2010</a> by <a href="https://developer.mozilla.org/index.php?title=User:christophe.ravel.bugs%40sun.com" class="link-user" rel="internal">christophe.ravel.bugs@sun.com</a>    </p>

  </div><!-- /#content-main -->


Anchor
Bugs Fixed


Anchor
Documentation

For a list of the primary NSS documentation pages on mozilla.org, see NSS Documentation. New and revised documents available since the release of NSS 3.11 include the following:

    Build Instructions for NSS 3.11.4 and above
    NSS Shared DB

Anchor
Compatibility

NSS 3.12.10 shared libraries are backward compatible with all older NSS 3.x shared libraries. A program linked with older NSS 3.x shared libraries will work with NSS 3.12.8 shared libraries without recompiling or relinking.  Furthermore, applications that restrict their use of NSS APIs to the functions listed in NSS Public Functions will remain compatible with future versions of the NSS shared libraries. Anchor
Feedback

Bugs discovered should be reported by filing a bug report with mozilla.org Bugzilla (product NSS).

Revision Source

 &lt;center&gt;2010-09-23&lt;/center&gt; &lt;center&gt;&lt;em&gt;&lt;font size="-1"&gt;Newsgroup: &lt;a class=" link-news" rel="external" href="<a class=" link-news" href="news://news.mozilla.org/mozilla.dev.tech.crypto" rel="freelink">news://news.mozilla.org/mozilla.dev.tech.crypto</a>" title="<a class=" link-news" href="news://news.mozilla.org/mozilla.dev.tech.crypto" rel="freelink">news://news.mozilla.org/mozilla.dev.tech.crypto</a>" target="_blank"&gt;mozilla.dev.tech.crypto&lt;/a&gt;&lt;/font&gt;&lt;/em&gt;&lt;/center&gt;<br> &lt;p&gt;&lt;a name="Introduction"&gt;&lt;/a&gt;&lt;/p&gt;<br> &lt;div id="section_1"&gt;&lt;span id="Introduction"&gt;&lt;/span&gt;&lt;h1 class="editable"&gt;Introduction&lt;/h1&gt;<br> &lt;p&gt;Network Security Services (NSS) 3.12.10 is a patch release for NSS 3.12. The bug fixes in NSS 3.12.10 are described in the "&lt;a href="#bugsfixed"&gt;Bugs Fixed&lt;/a&gt;" section below.&lt;/p&gt;<br> &lt;p&gt;NSS 3.12.10 is tri-licensed under the MPL 1.1/GPL 2.0/LGPL 2.1. &lt;a name="distribution"&gt;&lt;/a&gt;&lt;/p&gt;<br> &lt;/div&gt;&lt;div id="section_2"&gt;&lt;span id="Distribution_Information"&gt;&lt;/span&gt;&lt;h1 class="editable"&gt;Distribution Information&lt;/h1&gt;<br> &lt;p&gt;The CVS tag for the NSS 3.12.10 release is &lt;code&gt;NSS_3.12.10_RTM&lt;/code&gt;.&amp;nbsp; NSS 3.12.10 requires &lt;a class=" external" rel="external" href="<a class=" external" href="http://www.mozilla.org/projects/nspr/release-notes/nspr486.html" rel="freelink">http://www.mozilla.org/projects/nspr...s/nspr486.html</a>" title="<a class=" external" href="http://www.mozilla.org/projects/nspr/release-notes/nspr486.html" rel="freelink">http://www.mozilla.org/projects/nspr...s/nspr486.html</a>" target="_blank"&gt;NSPR 4.8.8&lt;/a&gt;.&lt;br&gt;<br> &lt;br&gt;<br> See the &lt;a href="#docs"&gt;Documentation&lt;/a&gt; section for the build instructions.&lt;/p&gt;<br> &lt;p&gt;NSS 3.12.10 source distribution is also available on &lt;code&gt;ftp.mozilla.org&lt;/code&gt; for secure HTTPS download:&lt;/p&gt;<br> &lt;ul&gt; &lt;li&gt;Source tarballs: &lt;a class=" link-https" rel="external" href="<a class=" link-https" href="https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3.12.10_RTM/src/" rel="freelink">https://ftp.mozilla.org/pub/mozilla....12.10_RTM/src/</a>" title="<a class=" link-https" href="https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3.12.10_RTM/src/" rel="freelink">https://ftp.mozilla.org/pub/mozilla....12.10_RTM/src/</a>" target="_blank"&gt;<a class=" link-https" href="https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3.12.10_RTM/src/" rel="freelink">https://ftp.mozilla.org/pub/mozilla....12.10_RTM/src/</a>&lt;/a&gt;.&lt;/li&gt;<br> &lt;/ul&gt;<br> &lt;p&gt;You also need to download the NSPR 4.8.8 binary distributions to get<br> the NSPR 4.8.8 header files and shared libraries, which NSS 3.12.10<br> requires. NSPR 4.8.8 binary distributions are in &lt;a class=" link-https" rel="external" href="<a class=" link-https" href="https://ftp.mozilla.org/pub/mozilla.org/nspr/releases/v4.8.8/" rel="freelink">https://ftp.mozilla.org/pub/mozilla....leases/v4.8.8/</a>" title="<a class=" link-https" href="https://ftp.mozilla.org/pub/mozilla.org/nspr/releases/v4.8.8/" rel="freelink">https://ftp.mozilla.org/pub/mozilla....leases/v4.8.8/</a>" target="_blank"&gt;<a class=" link-https" href="https://ftp.mozilla.org/pub/mozilla.org/nspr/releases/v4.8.8/" rel="freelink">https://ftp.mozilla.org/pub/mozilla....leases/v4.8.8/</a>&lt;/a&gt;.&lt;br&gt;<br> &lt;a name="new"&gt;&lt;/a&gt;&lt;/p&gt;<br> &lt;/div&gt;&lt;div id="section_3"&gt;&lt;span id="New_in_NSS_3.12.10"&gt;&lt;/span&gt;&lt;h1 class="editable"&gt;New in NSS 3.12.10&lt;/h1&gt;<br> &lt;div id="section_4"&gt;&lt;span id="Browser_Wildcard_Certificate_Validation_Issue_(CVE-2010-3170)"&gt;&lt;/span&gt;&lt;h3 class="editable"&gt;&lt;span&gt;Browser Wildcard Certificate Validation Issue (CVE-2010-3170)&lt;/span&gt;&lt;div class="editIcon"&gt;&lt;a title="Edit section" href="https://developer.mozilla.org/en/NSS_3.12.10_release_notes?action=edit&amp;amp;sectionId=4"&gt;&lt;span class="icon"&gt;&lt;img alt="Edit section" class="sectionedit" src="NSS_3.12.10_release_notes_files/icon-trans.gif"&gt;&lt;/span&gt;&lt;/a&gt;&lt;/div&gt;&lt;/h3&gt;<br> &lt;ul&gt; This vulnerability is fixed in NSS 3.12.10.&lt;br&gt; See the &lt;a class=" external" rel="external" href="<a class=" external" href="http://www.westpoint.ltd.uk/advisories/wp-10-0001.txt" rel="freelink">http://www.westpoint.ltd.uk/advisories/wp-10-0001.txt</a>" title="<a class=" external" href="http://www.westpoint.ltd.uk/advisories/wp-10-0001.txt" rel="freelink">http://www.westpoint.ltd.uk/advisories/wp-10-0001.txt</a>" target="_blank"&gt;Westpoint Security Advisory&lt;/a&gt; for details on this vulnerability. &lt;/ul&gt; &lt;/div&gt;&lt;div id="section_5"&gt;&lt;span id="Removed_functions"&gt;&lt;/span&gt;&lt;h3 class="editable"&gt;&lt;span&gt;Removed functions&lt;/span&gt;&lt;div class="editIcon"&gt;&lt;a title="Edit section" href="https://developer.mozilla.org/en/NSS_3.12.10_release_notes?action=edit&amp;amp;sectionId=5"&gt;&lt;span class="icon"&gt;&lt;img alt="Edit section" class="sectionedit" src="NSS_3.12.10_release_notes_files/icon-trans.gif"&gt;&lt;/span&gt;&lt;/a&gt;&lt;/div&gt;&lt;/h3&gt; &lt;ul&gt; &lt;em&gt;in jar.h&lt;/em&gt; &lt;ul&gt; &lt;li&gt;JAR_cert_attribute&lt;/li&gt; &lt;/ul&gt; &lt;/ul&gt; &lt;/div&gt;&lt;div id="section_6"&gt;&lt;span id="New_SSL_options"&gt;&lt;/span&gt;&lt;h3 class="editable"&gt;&lt;span&gt;New SSL options&lt;/span&gt;&lt;div class="editIcon"&gt;&lt;a title="Edit section" href="https://developer.mozilla.org/en/NSS_3.12.10_release_notes?action=edit&amp;amp;sectionId=6"&gt;&lt;span class="icon"&gt;&lt;img alt="Edit section" class="sectionedit" src="NSS_3.12.10_release_notes_files/icon-trans.gif"&gt;&lt;/span&gt;&lt;/a&gt;&lt;/div&gt;&lt;/h3&gt; &lt;ul&gt; &lt;em&gt;in ssl.h&lt;/em&gt; &lt;ul&gt; &lt;li&gt;SSL_ENABLE_FALSE_START: Enable SSL false start (off by default, applies only to clients).&lt;/li&gt; &lt;/ul&gt; &lt;/ul&gt; &lt;/div&gt;&lt;div id="section_7"&gt;&lt;span id="New_error_codes"&gt;&lt;/span&gt;&lt;h3 class="editable"&gt;&lt;span&gt;New error codes&lt;/span&gt;&lt;div class="editIcon"&gt;&lt;a title="Edit section" href="https://developer.mozilla.org/en/NSS_3.12.10_release_notes?action=edit&amp;amp;sectionId=7"&gt;&lt;span class="icon"&gt;&lt;img alt="Edit section" class="sectionedit" src="NSS_3.12.10_release_notes_files/icon-trans.gif"&gt;&lt;/span&gt;&lt;/a&gt;&lt;/div&gt;&lt;/h3&gt; &lt;ul&gt; &lt;em&gt;in sslerr.h&lt;/em&gt; &lt;ul&gt; &lt;li&gt;SSL_ERROR_WEAK_SERVER_EPHEMERAL_DH_KEY&lt;/li&gt; &lt;/ul&gt; &lt;/ul&gt; &lt;p&gt;&lt;a name="bugsfixed"&gt;&lt;/a&gt;&lt;/p&gt; &lt;/div&gt;&lt;/div&gt;&lt;div id="section_8"&gt;&lt;span id="Bugs_Fixed"&gt;&lt;/span&gt;&lt;h1 class="editable"&gt;Bugs Fixed&lt;/h1&gt; &lt;p&gt;The following bugs have been fixed in NSS 3.12.10.&lt;/p&gt;<br> &lt;ul&gt;<br> &lt;li&gt;&lt;a class=" link-https" rel="external" href="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=642815" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=642815</a>" title="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=642815" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=642815</a>" target="_blank"&gt;Bug 642815&lt;/a&gt;: Deal with bogus certs issued by Comodo partner - NSS level fix&lt;/li&gt;<br> &lt;li&gt;&lt;a class=" link-https" rel="external" href="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=650272" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=650272</a>" title="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=650272" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=650272</a>" target="_blank"&gt;Bug 650272&lt;/a&gt;: seckey functions call memset with sizeof(pointer) instead of sizeof(*pointer)&lt;/li&gt;<br> &lt;li&gt;&lt;a class=" link-https" rel="external" href="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=629839" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=629839</a>" title="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=629839" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=629839</a>" target="_blank"&gt;Bug 629839&lt;/a&gt;: compiler version detection in security/coreconf/Darwin.mk fails for clang&lt;/li&gt;<br> &lt;li&gt;&lt;a class=" link-https" rel="external" href="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=527508" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=527508</a>" title="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=527508" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=527508</a>" target="_blank"&gt;Bug 527508&lt;/a&gt;: libpkix: need to check crl issuer key usages before downloading a crl using CRLDP&lt;/li&gt;<br> &lt;li&gt;&lt;a class=" link-https" rel="external" href="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=642129" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=642129</a>" title="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=642129" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=642129</a>" target="_blank"&gt;Bug 642129&lt;/a&gt;: March 2011 batch of NSS root changes&lt;/li&gt;<br> &lt;li&gt;&lt;a class=" link-https" rel="external" href="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=584224" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=584224</a>" title="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=584224" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=584224</a>" target="_blank"&gt;Bug 584224&lt;/a&gt;: CMS does not allow content types other than S/MIME&lt;/li&gt;  <br> &lt;li&gt;&lt;a class=" link-https" rel="external" href="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=630589" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=630589</a>" title="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=630589" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=630589</a>" target="_blank"&gt;Bug 630589&lt;/a&gt;: Improve certutil help output, introduce overview and help sections&lt;/li&gt;<br> &lt;li&gt;&lt;a class=" link-https" rel="external" href="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=647902" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=647902</a>" title="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=647902" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=647902</a>" target="_blank"&gt;Bug 647902&lt;/a&gt;: Add general purpose allocation code for CERT_PKIXVerifyCert&lt;/li&gt;<br> &lt;li&gt;&lt;a class=" link-https" rel="external"<br> href="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=622719" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=622719</a>" title="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=622719" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=622719</a>"<br> target="_blank"&gt;Bug 622719&lt;/a&gt;: Remove legacy root certificates from NSS&lt;/li&gt;<br> &lt;li&gt;&lt;a class=" link-https" rel="external" href="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=595988" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=595988</a>" title="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=595988" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=595988</a>" target="_blank"&gt;Bug 595988&lt;/a&gt;: NSS trusts CAs it shouldn't (trusts system db over user db)&lt;/li&gt;<br> &lt;li&gt;&lt;a class=" link-https" rel="external" href="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=625675" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=625675</a>" title="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=625675" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=625675</a>" target="_blank"&gt;Bug 625675&lt;/a&gt;: trust flags are not being deleted when we delete the associated certificate&lt;/li&gt;<br> &lt;li&gt;&lt;a class=" link-https" rel="external" href="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=616757" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=616757</a>" title="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=616757" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=616757</a>" target="_blank"&gt;Bug 616757&lt;/a&gt;: When using non-RSA key exchange and renegotiating, NSS will always send a client certificate if the first handshake requested one, but subsequent renegotiation handshakes did not&lt;/li&gt;<br> &lt;li&gt;&lt;a class=" link-https" rel="external" href="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=633039" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=633039</a>" title="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=633039" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=633039</a>" target="_blank"&gt;Bug 633039&lt;/a&gt;: pkix_pl_Socket_Poll unintentionally overwrites socket status (operator= used instead of operator==)&lt;/li&gt;<br> &lt;li&gt;&lt;a class=" link-https" rel="external" href="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=639789" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=639789</a>" title="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=639789" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=639789</a>" target="_blank"&gt;Bug 639789&lt;/a&gt;: Possible minor memory leak in SNI code&lt;/li&gt;<br> &lt;li&gt;&lt;a class=" link-https" rel="external" href="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=631986" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=631986</a>" title="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=631986" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=631986</a>" target="_blank"&gt;Bug 631986&lt;/a&gt;: SSL_ReconfigFD tries to access elements of a null pointer.&lt;/li&gt;<br> &lt;li&gt;&lt;a class=" link-https" rel="external" href="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=629299" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=629299</a>" title="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=629299" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=629299</a>" target="_blank"&gt;Bug 629299&lt;/a&gt;: core dump when tls session tickets are enabled and session cache is disabled&lt;/li&gt;<br> &lt;li&gt;&lt;a class=" link-https" rel="external" href="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=644440" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=644440</a>" title="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=644440" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=644440</a>" target="_blank"&gt;Bug 644440&lt;/a&gt;: request add a new feature for SDP native support&lt;/li&gt;<br> &lt;li&gt;&lt;a class=" link-https" rel="external" href="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=599831" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=599831</a>" title="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=599831" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=599831</a>" target="_blank"&gt;Bug 599831&lt;/a&gt;: scalability limited on 4-socket Westmere by hot lock for RSA blinding params list&lt;/li&gt;<br> &lt;li&gt;&lt;a class=" link-https" rel="external"<br> href="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=635778" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=635778</a>" title="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=635778" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=635778</a>" target="_blank"&gt;Bug 635778&lt;/a&gt;: Need an API to pass user defined cert chain when SSL socket is set up&lt;/li&gt;<br> &lt;li&gt;&lt;a class=" link-https" rel="external" href="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=596842" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=596842</a>" title="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=596842" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=596842</a>" target="_blank"&gt;Bug 596842&lt;/a&gt;: pkix_pl_InfoAccess_ParseLocation should replace "%" hex hex escape sequences before calling pkix_pl_InfoAccess_ParseTokens.&lt;/li&gt;<br> &lt;li&gt;&lt;a class=" link-https" rel="external" href="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=633002" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=633002</a>" title="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=633002" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=633002</a>" target="_blank"&gt;Bug 633002&lt;/a&gt;: SECKEY_ImportDERPublicKey causes memory leaks&lt;/li&gt;<br> &lt;li&gt;&lt;a class=" link-https" rel="external" href="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=645460" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=645460</a>" title="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=645460" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=645460</a>" target="_blank"&gt;Bug 645460&lt;/a&gt;: Default to 32-bit NSS builds on OS X 10.6 (Snow Leopard) and later, too&lt;/li&gt;<br> &lt;li&gt;&lt;a class=" link-https" rel="external" href="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=638821" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=638821</a>" title="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=638821" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=638821</a>" target="_blank"&gt;Bug 638821&lt;/a&gt;: Possible lock order inconsistency (potential deadlock) in SSL machinery&lt;/li&gt;<br> &lt;li&gt;&lt;a class=" link-https" rel="external" href="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=597618" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=597618</a>" title="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=597618" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=597618</a>" target="_blank"&gt;Bug &lt;/a&gt;workaround: short-curcuit infinite loop in pkix_BuildForwardDepthFirstSearch when verifying the <a class=" link-https" href="https://etime1.jt3.com/" rel="freelink">https://etime1.jt3.com/</a> server certificate with AIA certificate fetch enabled&lt;/li&gt;<br> &lt;li&gt;&lt;a class=" link-https" rel="external" href="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=628378" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=628378</a>" title="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=628378" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=628378</a>" target="_blank"&gt;Bug 628378&lt;/a&gt;: Please drop [] around the expressions in .size assembler directives&lt;/li&gt;<br> &lt;li&gt;&lt;a class=" link-https" rel="external" href="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=597624" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=597624</a>" title="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=597624" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=597624</a>" target="_blank"&gt;Bug 597624&lt;/a&gt;: pp -t certificate should identify and indent the DistributionPoints in the CRL distribution points extension&lt;/li&gt;<br> &lt;li&gt;&lt;a class=" link-https" rel="external" href="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=634490" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=634490</a>" title="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=634490" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=634490</a>" target="_blank"&gt;Bug 634490&lt;/a&gt;: nss_clean_all fails in Windows 7 without administrator privileges&lt;/li&gt;<br> &lt;li&gt;&lt;a class=" link-https" rel="external" href="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=559510" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=559510</a>" title="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=559510" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=559510</a>" target="_blank"&gt;Bug 559510&lt;/a&gt;: Bad scalability caused by contention for random number generator&lt;/li&gt;<br> &lt;li&gt;&lt;a class=" link-https" rel="external" href="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=572289" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=572289</a>" title="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=572289" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=572289</a>" target="_blank"&gt;Bug 572289&lt;/a&gt;: SEC_ASN1EncodeInteger cannot correctly encode some integer values&lt;/li&gt;<br> &lt;li&gt;&lt;a class=" link-https" rel="external" href="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=646610" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=646610</a>" title="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=646610" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=646610</a>" target="_blank"&gt;Bug 646610&lt;/a&gt;: Remove obsolete comment from security/nss/lib/freebl/sha512.c&lt;/li&gt;<br> &lt;li&gt;&lt;a class=" link-https" rel="external" href="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=559508" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=559508</a>" title="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=559508" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=559508</a>" target="_blank"&gt;Bug 559508&lt;/a&gt;: Bad scalability on 4-socket Nehalem caused by unused counters&lt;/li&gt;<br> &lt;li&gt;&lt;a class=" link-https" rel="external" href="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=625491" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=625491</a>" title="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=625491" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=625491</a>" target="_blank"&gt;Bug 625491&lt;/a&gt;: PKCS #11 logger should print CK_ULONG attributes as an integer&lt;/li&gt;<br> &lt;li&gt;&lt;a class=" link-https" rel="external" href="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=640125" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=640125</a>" title="<a class=" link-https" href="https://bugzilla.mozilla.org/show_bug.cgi?id=640125" rel="freelink">https://bugzilla.mozilla.org/show_bug.cgi?id=640125</a>" target="_blank"&gt;Bug 640125&lt;/a&gt;: SSL_CanBypass has minor memory leaks&lt;/li&gt;<br> &lt;/ul&gt; &lt;p&gt;&lt;a name="docs"&gt;&lt;/a&gt;&lt;/p&gt;<br> &lt;/div&gt;&lt;div id="section_9"&gt;&lt;span id="Documentation"&gt;&lt;/span&gt;&lt;h1 class="editable"&gt;Documentation&lt;/h1&gt; &lt;p&gt;For a list of the primary NSS documentation pages on mozilla.org, see &lt;a rel="internal" href="https://developer.mozilla.org/en/index.html#Documentation" class="new " title="en/index.html#Documentation"&gt;NSS Documentation&lt;/a&gt;. New and revised documents available since the release of NSS 3.11 include the following:&lt;/p&gt; &lt;ul&gt; &lt;li&gt;&lt;a rel="internal" href="https://developer.mozilla.org/en/nss-3.11.4/nss-3.11.4-build.html" class="new " title="en/nss-3.11.4/nss-3.11.4-build.html"&gt;Build Instructions for NSS 3.11.4 and above&lt;/a&gt;<br> &lt;/li&gt;<br> &lt;li&gt;&lt;a class=" external" rel="external" href="<a class=" external" href="http://wiki.mozilla.org/NSS_Shared_DB" rel="freelink">http://wiki.mozilla.org/NSS_Shared_DB</a>" title="<a class=" external" href="http://wiki.mozilla.org/NSS_Shared_DB" rel="freelink">http://wiki.mozilla.org/NSS_Shared_DB</a>" target="_blank"&gt;NSS Shared DB&lt;/a&gt;&lt;/li&gt; &lt;/ul&gt; &lt;p&gt;&lt;a name="compatibility"&gt;&lt;/a&gt;&lt;/p&gt; &lt;/div&gt;&lt;div id="section_10"&gt;&lt;span id="Compatibility"&gt;&lt;/span&gt;&lt;h1 class="editable"&gt;Compatibility&lt;/h1&gt; &lt;p&gt;NSS<br>  3.12.10 shared libraries are backward compatible with all older NSS 3.x<br> shared libraries. A program linked with older NSS 3.x shared libraries<br> will work with NSS 3.12.10 shared libraries without recompiling or<br> relinking.&amp;nbsp; Furthermore, applications that restrict their use of<br> NSS APIs to the functions listed in &lt;a rel="internal" href="https://developer.mozilla.org/en/ref/nssfunctions.html" class="new " title="en/ref/nssfunctions.html"&gt;NSS Public Functions&lt;/a&gt; will remain compatible with future versions of the NSS shared libraries. &lt;a name="feedback"&gt;&lt;/a&gt;&lt;/p&gt; &lt;/div&gt;&lt;div id="section_11"&gt;&lt;span id="Feedback"&gt;&lt;/span&gt;&lt;h1 class="editable"&gt;Feedback&lt;/h1&gt; &lt;p&gt;Bugs discovered should be reported by filing a bug report with &lt;a class=" link-https" rel="external" href="<a class=" link-https" href="https://bugzilla.mozilla.org/" rel="freelink">https://bugzilla.mozilla.org/</a>" title="<a class=" link-https" href="https://bugzilla.mozilla.org/" rel="freelink">https://bugzilla.mozilla.org/</a>" target="_blank"&gt;mozilla.org Bugzilla&lt;/a&gt; (product NSS).&lt;/p&gt;&lt;/div&gt;&lt;/div&gt;&lt;/div&gt;<br>             &lt;section class="page-meta"&gt;<br>                   &lt;section id="page-tags"&gt;<br>             &lt;h2&gt;Tags &lt;span class="sub"&gt;(1)&lt;/span&gt;&lt;/h2&gt;<br>               &lt;a href="https://developer.mozilla.org/index.php?title=Special:Tags&amp;amp;pageId=62067" id="deki-page-tags-toggleview"&gt;Edit tags&lt;/a&gt;              &lt;div id="deki-page-tags"&gt;&lt;ul class="tags"&gt;&lt;li&gt;&lt;a href="https://developer.mozilla.org/Special:Tags?tag=NSS" title="NSS" tagid="73" class="text"&gt;NSS&lt;/a&gt;&lt;/li&gt;&lt;/ul&gt;&lt;/div&gt;          &lt;/section&gt;<br>         <br>                   &lt;section id="page-files"&gt;<br>             &lt;h2&gt;Attachments &lt;span class="sub"&gt;(0)&lt;/span&gt;&lt;/h2&gt;<br>             &lt;div id="pageFiles"&gt;&lt;div class="nofiles"&gt;&amp;nbsp;&lt;/div&gt;&lt;/div&gt;            &lt;div id="deki-image-gallery-lite"&gt;&lt;table class="table empty" width="100%" border="0" cellpadding="0" cellspacing="0"&gt;&lt;colgroup&gt;&lt;col width="33%"&gt;&lt;col width="33%"&gt;&lt;col width="33%"&gt;&lt;/colgroup&gt;&lt;tbody&gt;&lt;tr class="bg1"&gt;&lt;th class="col1" colspan="3"&gt;Images 0&lt;/th&gt;&lt;/tr&gt;&lt;tr class="bg2"&gt;&lt;td class="col1 empty" colspan="3"&gt;No images to display in the gallery.&lt;/td&gt;&lt;/tr&gt;&lt;/tbody&gt;&lt;/table&gt;&lt;/div&gt;            &lt;p class="add"&gt;    &lt;a href="#" onclick="return doPopupAttach(62067);" title="Attach file"&gt;Attach file&lt;/a&gt;<br> &lt;/p&gt;<br>           &lt;/section&gt;<br>         <br>                         <br>         &lt;/section&gt;<br>         &lt;/div&gt;<br> <br>     &lt;/article&gt;<br> <br>     &lt;p class="last-mod hideforedit"&gt;<br>       Page last modified &lt;a href="https://developer.mozilla.org/index.php?title=en/NSS_3.12.10_release_notes&amp;amp;action=history" title="18:14, 8 Oct 2010"&gt;18:14, 8 Oct 2010&lt;/a&gt; by &lt;a href="https://developer.mozilla.org/index.php?title=User:christophe.ravel.bugs%40sun.com" class="link-user" rel="internal"&gt;<a class=" link-mailto" href="mailto:christophe.ravel.bugs@sun.com" rel="freelink">christophe.ravel.bugs@sun.com</a>&lt;/a&gt;    &lt;/p&gt;<br> <br>   &lt;/div&gt;&lt;!-- /#content-main --&gt;<br> <br> <br> Anchor<br> Bugs Fixed<br> <br> <br> Anchor<br> Documentation<br> <br> For a list of the primary NSS documentation pages on mozilla.org, see NSS Documentation. New and revised documents available since the release of NSS 3.11 include the following:<br> <br>     Build Instructions for NSS 3.11.4 and above<br>     NSS Shared DB<br> <br> Anchor<br> Compatibility<br> <br> NSS 3.12.10 shared libraries are backward compatible with all older NSS 3.x shared libraries. A program linked with older NSS 3.x shared libraries will work with NSS 3.12.8 shared libraries without recompiling or relinking.  Furthermore, applications that restrict their use of NSS APIs to the functions listed in NSS Public Functions will remain compatible with future versions of the NSS shared libraries. Anchor<br> Feedback<br> <br> Bugs discovered should be reported by filing a bug report with mozilla.org Bugzilla (product NSS).
Revert to this revision