The NSSCipherSuite option with ciphersuites enabled in mod_nss before 1.0.12 allows remote attackers to bypass application restrictions.
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175248.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176026.html