the following security issues were fixed in mozilla-nss and mozilla nspr:
- mozilla-nss:
+ update to 3.15.3 (bnc#850148)
* CERT_VerifyCert returns SECSuccess (saying certificate is good) even for bad certificates, when the CERTVerifyLog log parameter is given (bmo#910438)
* NSS advertises TLS 1.2 ciphersuites in a TLS 1.1 ClientHello (bmo#919677)
* fix CVE-2013-5605

- mozilla-nspr:
+ update to version 4.10.2
relevant changes:
* bmo#770534: possible pointer overflow in PL_ArenaAllocate()
* bmo#888546: ptio.c:PR_ImportUDPSocket doesn't work