Name of the Vulnerable Software and Affected Versions ca-certificates versions prior to the update that removes the "AddTrust External Root" CA

Description The ca-certificates package contained an expired CA certificate that caused connectivity issues. This issue was resolved by removing the "AddTrust External Root" CA and refreshing the included certificates to those contained in the 20190110 package.

Recommendations For Ubuntu 12.04 ESM and Ubuntu 14.04 ESM, update the ca-certificates package to the version that removes the "AddTrust External Root" CA and refreshes the included certificates. For other affected versions, update the ca-certificates package to the latest version that includes the refreshed certificates. At the moment, there is no information about a newer version that contains a fix for this vulnerability, other than the mentioned update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.