diff -up nss/gtests/ssl_gtest/ssl_versionpolicy_unittest.cc.version-range-set nss/gtests/ssl_gtest/ssl_versionpolicy_unittest.cc
--- nss/gtests/ssl_gtest/ssl_versionpolicy_unittest.cc.version-range-set	2019-04-26 16:56:32.753283497 +0200
+++ nss/gtests/ssl_gtest/ssl_versionpolicy_unittest.cc	2019-04-26 16:56:51.096889439 +0200
@@ -151,12 +151,6 @@ class TestPolicyVersionRange
   }
 
   bool IsValidInputForVersionRangeSet(SSLVersionRange* expectedEffectiveRange) {
-    if (input_.min() <= SSL_LIBRARY_VERSION_3_0 &&
-        input_.max() >= SSL_LIBRARY_VERSION_TLS_1_3) {
-      // This is always invalid input, independent of policy
-      return false;
-    }
-
     if (input_.min() < library_.min() || input_.max() > library_.max() ||
         input_.min() > input_.max()) {
       // Asking for unsupported ranges is invalid input for VersionRangeSet
diff -up nss/lib/ssl/sslsock.c.version-range-set nss/lib/ssl/sslsock.c
--- nss/lib/ssl/sslsock.c.version-range-set	2019-04-26 16:56:11.810733383 +0200
+++ nss/lib/ssl/sslsock.c	2019-04-26 16:56:11.813733319 +0200
@@ -2542,13 +2542,6 @@ SSL_VersionRangeGetDefault(SSLProtocolVa
     return ssl3_CreateOverlapWithPolicy(protocolVariant, vrange, vrange);
 }
 
-static PRBool
-ssl3_HasConflictingSSLVersions(const SSLVersionRange *vrange)
-{
-    return (vrange->min <= SSL_LIBRARY_VERSION_3_0 &&
-            vrange->max >= SSL_LIBRARY_VERSION_TLS_1_3);
-}
-
 static SECStatus
 ssl3_CheckRangeValidAndConstrainByPolicy(SSLProtocolVariant protocolVariant,
                                          SSLVersionRange *vrange)
@@ -2557,8 +2550,7 @@ ssl3_CheckRangeValidAndConstrainByPolicy
 
     if (vrange->min > vrange->max ||
         !ssl3_VersionIsSupportedByCode(protocolVariant, vrange->min) ||
-        !ssl3_VersionIsSupportedByCode(protocolVariant, vrange->max) ||
-        ssl3_HasConflictingSSLVersions(vrange)) {
+        !ssl3_VersionIsSupportedByCode(protocolVariant, vrange->max)) {
         PORT_SetError(SSL_ERROR_INVALID_VERSION_RANGE);
         return SECFailure;
     }