CVE-2017-1000097 On Darwin, user’s trust preferences for root certificates were not honored. If the user had a root certificate loaded in their Keychain that was explicitly not trusted, a Go program would still verify a connection using that root certificate.

Posted on by No Comments ↓

This post has been republished via RSS; it originally appeared at: MSRC Security Update Guide.

Information published.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.