Updated nss packages fix security vulnerabilities:
In the QuickDER decoder in NSS before 3.17.3, ASN.1 DER decoding of
lengths is too permissive, allowing undetected smuggling of arbitrary
data (CVE-2014-1569).
This update adds support for the TLS Fallback Signaling Cipher Suite
Value (TLS_FALLBACK_SCSV) in NSS, which can be used to prevent protocol
downgrade attacks against applications which re-connect using a lower
SSL/TLS protocol version when the initial connection indicating the
highest supported protocol version fails. This can prevent a forceful
downgrade of the communication to SSL 3.0, mitigating CVE-2014-3566,
also known as POODLE. SSL 3.0 support has also been disabled by
default in this Firefox and Thunderbird update, further mitigating
POODLE.