Amazon Linux 2 Security Advisory: ALAS-2021-1710
Advisory Release Date: 2021-09-30 20:40 Pacific
Advisory Updated Date: 2021-10-04 22:29 Pacific
Severity:
Important
References:
FAQs regarding Amazon Linux ALAS/CVE Severity
FAQs regarding Amazon Linux ALAS/CVE Severity
Issue Overview:
Update of ca-certificates to version 2021.2.50-72.amzn2.0.1 addresses the expiring IdentTrust DST Root CA X3, which affected some Let's Encrypt TLS certificates. The effect of the expiring certificate would be an inability of OpenSSL to validate impacted certificates issued by Let's Encrypt. Impacted customers may have experienced connection or certificate errors when attempting to connect to certain websites or APIs that use Let's Encrypt certificates.
Affected Packages:
ca-certificates
Note:
This advisory is applicable to Amazon Linux 2 (AL2) Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories.
Issue Correction:
Run yum update ca-certificates to update your system.
New Packages:
noarch:
ca-certificates-2021.2.50-72.amzn2.0.1.noarch
src:
ca-certificates-2021.2.50-72.amzn2.0.1.src