UbuntuUpdates.org

Package "golang-1.10-src"

Name: golang-1.10-src

Description:

Go programming language - source files

Latest version: 1.10.4-2ubuntu1~18.04.2
Release: bionic (18.04)
Level: security
Repository: main
Head package: golang-1.10
Homepage: https://golang.org

Links


Download "golang-1.10-src"


Other versions of "golang-1.10-src" in Bionic

Repository Area Version
base main 1.10.1-1ubuntu2
updates main 1.10.4-2ubuntu1~18.04.2

Changelog

Version: 1.10.4-2ubuntu1~18.04.2 2021-03-08 18:06:49 UTC

  golang-1.10 (1.10.4-2ubuntu1~18.04.2) bionic-security; urgency=medium

  * SECURITY UPDATE: XSS (LP: #1914372)
    - debian/patches/CVE-2020-24553.patch: Add Content-Type detection in
      net/http/cgi and net/http/fcgi.
    - CVE-2020-24553

 -- Dariusz Gadomski <email address hidden> Wed, 03 Feb 2021 08:42:42 +0100

1914372 Ubuntu packages affected by CVE-2020-24553
CVE-2020-24553 Go before 1.14.8 and 1.15.x before 1.15.1 allows XSS because text/html is the default for CGI/FCGI handlers that lack a Content-Type header.



About   -   Send Feedback to @ubuntu_updates