CentOS Errata and Security Advisory CESA-2013:1866
This package contains the set of CA certificates chosen by the Mozilla Foundation for use with the Internet Public Key Infrastructure (PKI).
It was found that a subordinate Certificate Authority (CA) mis-issued an intermediate certificate, which could be used to conduct man-in-the-middle attacks. This update renders that particular intermediate certificate as untrusted. (BZ#1038894)
All users should upgrade to this updated package. After installing the update, all applications using the ca-certificates package must be restarted for the changes to take effect.
Merged security bulletin from advisories: http://lists.centos.org/pipermail/centos-announce/2013-December/032125.html
Affected packages: ca-certificates
Upstream details at: https://rhn.redhat.com/errata/RHSA-2013-1866.html