ALAS-2021-1536


Amazon Linux AMI Security Advisory: ALAS-2021-1536
Advisory Release Date: 2021-09-30 20:41 Pacific
Advisory Updated Date: 2021-10-04 22:24 Pacific
Severity: Important
References:

Issue Overview:

Update of ca-certificates to version 2018.2.22-65.1.24.amzn1 addresses the expiring IdentTrust DST Root CA X3, which affected some Let's Encrypt TLS certificates. The effect of the expiring certificate would be an inability of OpenSSL to validate impacted certificates issued by Let's Encrypt. Impacted customers may have experienced connection or certificate errors when attempting to connect to certain websites or APIs that use Let's Encrypt certificates.


Affected Packages:

ca-certificates


Issue Correction:
Run yum update ca-certificates to update your system.

New Packages:
noarch:
    ca-certificates-2018.2.22-65.1.24.amzn1.noarch

src:
    ca-certificates-2018.2.22-65.1.24.amzn1.src