发布于3月6日3月6日 Members Amazon Linux AMI 2: CVE-2024-39689: Security patch for ca-certificates (ALAS-2024-2607) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 07/05/2024 Created 08/14/2024 Added 08/14/2024 Modified 02/14/2025 Description Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi starting in 2021.05.30 and prior to 2024.07.4 recognized root certificates from `GLOBALTRUST`. Certifi 2024.07.04 removes root certificates from `GLOBALTRUST` from the root store. These are in the process of being removed from Mozilla's trust store. `GLOBALTRUST`'s root certificates are being removed pursuant to an investigation which identified "long-running and unresolved compliance issues." Solution(s) amazon-linux-ami-2-upgrade-ca-certificates References https://attackerkb.com/topics/cve-2024-39689 AL2/ALAS-2024-2607 CVE - 2024-39689
