CVE-2017-1000097

Priority
Description
On Darwin, user's trust preferences for root certificates were not honored.
If the user had a root certificate loaded in their Keychain that was
explicitly not trusted, a Go program would still verify a connection using
that root certificate.
Notes
mdeslaurPackages built using golang need to be rebuilt once the
vulnerability has been fixed. This CVE entry does not
list packages that need rebuilding outside of the main
repository or the Ubuntu variants with PPA overlays.
Package
Upstream:not-affected (Darwin only)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was not-affected [Darwin only])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:not-affected (Darwin only)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was not-affected [Darwin only])
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (Darwin only)
Package
Upstream:not-affected (Darwin only)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was not-affected [Darwin only])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:not-affected (Darwin only)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:not-affected (Darwin only)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
More Information

Updated: 2020-09-10 05:34:58 UTC (commit 81a23a978c4436cd99e1d040e9e73e9146876281)