The linked bug in the URL manifests itself as a hanged SSL connection when a program tries to connect to an SSL server using NSS. It only seems to appear in specific circumstances. I hit it when using client authentication with a vendor-provided PKCS11 library for the smart card "Gemalto .NET V2". The source for this library is available at http://smartcardservices.macosforge.org/trac/browser/trunk/SmartCardServices/src/PKCS11dotNetV2 and can be downloaded with "svn checkout https://svn.macosforge.org/repository/smartcardservices/trunk/SmartCardServices/src/PKCS11dotNetV2". The bug is not present in NSS 3.13.6, and the patch which is attacked to the upstream report fixes the problem for me. I was pointed to this bug and patch #nss on irc.mozilla.org by Bob Relyea, who appears to be an NSS developer. Reproducible: Always Steps to Reproduce: 1. Get a Gemalto .NET V2 smart card and a smart card reader 2. Compile and install the PKCS11 library for the card: $ svn checkout https://svn.macosforge.org/repository/smartcardservices/trunk/SmartCardServices/src/PKCS11dotNetV2 $ cd PKCS11dotNetV2 && ./autogen.sh && ./configure --enable-system-boost --prefix=/usr/local && make && sudo make install 3. Start pcscd if not already, plug in the reader/card. 4. In Firefox add a new security module using the library /usr/local/lib/pkcs11/libgtop11dotnet.so. 5. Try to connect to an HTTPS server which requires client authentication using a certificate stored on the smart card. Actual Results: Connection hangs after PIN is entered and client certificate is selected.
This is fixed as of NSS 3.14.1 ( https://developer.mozilla.org/en-US/docs/NSS/NSS_3.14.1_release_notes )
nss-3.14.1 is stable on most arches. So this bug ccan be closed.