Hi I a running centos-7.9 (CentOS Linux release 7.9.2009 (AltArch)) nss had a vulnerability reported with a CVSS score of 9.8 (https://access.redhat.com/security/cve/CVE-2021-43527). I can see that there is a x86_64 package for nss that fixes this vulnerability (nss-3.67.0-4.el7_9.x86_64) rpm -q nss --changelog |head -n 10 * Thu Nov 18 2021 Bob Relyea <rrelyea at redhat.com> - 3.67.0-4 - fix CVE-2021-43527 However, when I tried to find the updated package for aarch64, I don't see a package fixing this vulnerability for aarch64. Reading the security report seems to indicate that this affects all architectures. I can also see that amazonlinux and oracle linux have released nss packages to address this vulnerability. Looking through the centos forums, I have not been able to figure out why this package is missing for aarch64. Does someone know why this package with high vulnerability has not been updated for centos-7.9? Thanks for your guidance. -- Raj Shekhar