Log Message:
nss: update to 3.74.

Changes:
• Bug 966856 - mozilla::pkix: support SHA-2 hashes in CertIDs in OCSP responses.
• Bug 1553612 - Ensure clients offer consistent ciphersuites after HRR.
• Bug 1721426 - NSS does not properly restrict server keys based on policy.
• Bug 1733003 - Set nssckbi version number to 2.54.
• Bug 1735407 - Replace Google Trust Services LLC (GTS) R4 root certificate in NSS.
• Bug 1735407 - Replace Google Trust Services LLC (GTS) R3 root certificate in NSS.
• Bug 1735407 - Replace Google Trust Services LLC (GTS) R2 root certificate in NSS.
• Bug 1735407 - Replace Google Trust Services LLC (GTS) R1 root certificate in NSS.
• Bug 1735407 - Replace GlobalSign ECC Root CA R4 in NSS.
• Bug 1733560 - Remove Expired Root Certificates from NSS - DST Root CA X3.
• Bug 1740807 - Remove Expiring Cybertrust Global Root and GlobalSign root \ 
certificates from NSS.
• Bug 1741930 - Add renewed Autoridad de Certificacion Firmaprofesional CIF \ 
A62634068 root certificate to NSS.
• Bug 1740095 - Add iTrusChina ECC root certificate to NSS.
• Bug 1740095 - Add iTrusChina RSA root certificate to NSS.
• Bug 1738805 - Add ISRG Root X2 root certificate to NSS.
• Bug 1733012 - Add Chunghwa Telecom's HiPKI Root CA - G1 root certificate to NSS.
• Bug 1738028 - Avoid a clang 13 unused variable warning in opt build.
• Bug 1735028 - Check for missing signedData field.
• Bug 1737470 - Ensure DER encoded signatures are within size limits.