ALAS-2011-003


Amazon Linux AMI Security Advisory: ALAS-2011-3
Advisory Release Date: 2014-09-14 14:25 Pacific
Severity: Medium
References: RHSA-2011-1248 

Issue Overview:

This package contains the set of CA certificates chosen by the Mozilla Foundation for use with the Internet Public Key Infrastructure (PKI).

It was found that a Certificate Authority (CA) issued fraudulent HTTPS certificates. This update removes that CA's root certificate from the ca-certificates package, rendering any HTTPS certificates signed by that CA as untrusted.

All users should upgrade to this updated package. After installing the update, all applications using the ca-certificates package must be restarted for the changes to take effect.


Affected Packages:

ca-certificates


Issue Correction:
Run yum update ca-certificates to update your system.

New Packages:
noarch:
    ca-certificates-2010.63-3.7.amzn1.noarch

src:
    ca-certificates-2010.63-3.7.amzn1.src