Switch to NSS 3.19.2.2 to mitigate SLOTH attack (CVE-2015-7575)

Mozilla thinks backporting the fix for CVE-2015-7575 is not important enough and does not do it. I think giving our context we should do it, though. Let's try switching to NSS 3.19.2.2 in the next release (end of January).