ALAS-2011-021


Amazon Linux AMI Security Advisory: ALAS-2011-21
Advisory Release Date: 2014-09-14 14:43 Pacific
Severity: Medium
References: RHSA-2011-1444 

Issue Overview:

It was found that the Malaysia-based Digicert Sdn. Bhd. subordinate Certificate Authority (CA) issued HTTPS certificates with weak keys. This update renders any HTTPS certificates signed by that CA as untrusted. This covers all uses of the certificates, including SSL, S/MIME, and code signing. Note: Digicert Sdn. Bhd. is not the same company as found at digicert.com.


Affected Packages:

nss


Issue Correction:
Run yum update nss to update your system.

New Packages:
i686:
    nss-debuginfo-3.12.10-2.23.amzn1.i686
    nss-sysinit-3.12.10-2.23.amzn1.i686
    nss-3.12.10-2.23.amzn1.i686
    nss-tools-3.12.10-2.23.amzn1.i686
    nss-devel-3.12.10-2.23.amzn1.i686
    nss-pkcs11-devel-3.12.10-2.23.amzn1.i686

src:
    nss-3.12.10-2.23.amzn1.src

x86_64:
    nss-tools-3.12.10-2.23.amzn1.x86_64
    nss-sysinit-3.12.10-2.23.amzn1.x86_64
    nss-pkcs11-devel-3.12.10-2.23.amzn1.x86_64
    nss-debuginfo-3.12.10-2.23.amzn1.x86_64
    nss-3.12.10-2.23.amzn1.x86_64
    nss-devel-3.12.10-2.23.amzn1.x86_64