Resolved Bugs
1205302 – Fix the legacy CA inclusions of upstream 2.1 and 2.2
1205305 – Update to version 2.3 as released with NSS 3.18<br
This is an update to the set of CA certificates released with NSS version 3.18
However, the package modifies the CA list to keep several legacy CAs still trusted for compatibility reasons. Please refer to the project URL for details.
If you prefer to use the unchanged list provided by Mozilla, and if you accept any compatibility issues it may cause, an administrator may configure the system by executing the “ca-legacy disable” command.
This update corrects the Fedora legacy classification of four root CA certificates, which had trust added or removed in the upstream 2.1 and 2.2 releases.