Amazon Linux AMI Security Advisory: ALAS-2011-3
Advisory Release Date: 2014-09-14 14:25 Pacific
This package contains the set of CA certificates chosen by the Mozilla Foundation for use with the Internet Public Key Infrastructure (PKI).
It was found that a Certificate Authority (CA) issued fraudulent HTTPS certificates. This update removes that CA's root certificate from the ca-certificates package, rendering any HTTPS certificates signed by that CA as untrusted.
All users should upgrade to this updated package. After installing the update, all applications using the ca-certificates package must be restarted for the changes to take effect.
Run yum update ca-certificates to update your system.