Bugs fixes in "golang-1.20"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2023-45285 | Using go get to fetch a module with the ".git" suffix may unexpectedly fallback to the insecure "git://" protocol if the module is unavailable via th | 2024-01-11 |
| CVE | CVE-2023-39326 | A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network | 2024-01-11 |
| CVE | CVE-2023-44487 | The HTTP/2 protocol allows a denial of service (server resource consum ... | 2024-01-11 |
| CVE | CVE-2023-39325 | A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total | 2024-01-11 |
| CVE | CVE-2023-39323 | Line directives ("//line") can be used to bypass the restrictions on "//go:cgo_" directives, allowing blocked linker and compiler flags to be passed | 2024-01-11 |
| CVE | CVE-2023-39319 | The html/template package does not apply the proper rules for handling occurrences of "<script", "<!--", and "</script" within JS literals in <script | 2024-01-11 |
| CVE | CVE-2023-39318 | The html/template package does not properly handle HTML-like "" comment tokens, nor hashbang "#!" comment tokens, in <script> contexts. This may caus | 2024-01-11 |
| CVE | CVE-2023-45285 | Using go get to fetch a module with the ".git" suffix may unexpectedly fallback to the insecure "git://" protocol if the module is unavailable via th | 2024-01-11 |
| CVE | CVE-2023-39326 | A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network | 2024-01-11 |
| CVE | CVE-2023-44487 | The HTTP/2 protocol allows a denial of service (server resource consum ... | 2024-01-11 |
| CVE | CVE-2023-39325 | A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total | 2024-01-11 |
| CVE | CVE-2023-39323 | Line directives ("//line") can be used to bypass the restrictions on "//go:cgo_" directives, allowing blocked linker and compiler flags to be passed | 2024-01-11 |
| CVE | CVE-2023-39319 | The html/template package does not apply the proper rules for handling occurrences of "<script", "<!--", and "</script" within JS literals in <script | 2024-01-11 |
| CVE | CVE-2023-39318 | The html/template package does not properly handle HTML-like "" comment tokens, nor hashbang "#!" comment tokens, in <script> contexts. This may caus | 2024-01-11 |
| CVE | CVE-2023-45285 | Using go get to fetch a module with the ".git" suffix may unexpectedly fallback to the insecure "git://" protocol if the module is unavailable via th | 2024-01-11 |
| CVE | CVE-2023-39326 | A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network | 2024-01-11 |
| CVE | CVE-2023-44487 | The HTTP/2 protocol allows a denial of service (server resource consum ... | 2024-01-11 |
| CVE | CVE-2023-39325 | A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total | 2024-01-11 |
| CVE | CVE-2023-39323 | Line directives ("//line") can be used to bypass the restrictions on "//go:cgo_" directives, allowing blocked linker and compiler flags to be passed | 2024-01-11 |
| CVE | CVE-2023-39319 | The html/template package does not apply the proper rules for handling occurrences of "<script", "<!--", and "</script" within JS literals in <script | 2024-01-11 |
About
-
Send Feedback to @ubuntu_updates
