UbuntuUpdates.org

Package "golang-1.14"

Name: golang-1.14

Description:

Go programming language compiler - metapackage

Latest version: 1.14.3-2ubuntu2~20.04.2
Release: focal (20.04)
Level: security
Repository: main
Homepage: https://golang.org

Links


Download "golang-1.14"


Other versions of "golang-1.14" in Focal

Repository Area Version
base main 1.14.2-1ubuntu1
updates main 1.14.3-2ubuntu2~20.04.2

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1.14.3-2ubuntu2~20.04.2 2021-03-08 19:07:09 UTC

  golang-1.14 (1.14.3-2ubuntu2~20.04.2) focal-security; urgency=medium

  * SECURITY UPDATE: XSS (LP: #1914372)
    - debian/patches/CVE-2020-24553.patch: Add Content-Type detection in
      net/http/cgi and net/http/fcgi.
    - CVE-2020-24553

 -- Dariusz Gadomski <email address hidden> Wed, 03 Feb 2021 10:03:32 +0100

1914372 Ubuntu packages affected by CVE-2020-24553
CVE-2020-24553 Go before 1.14.8 and 1.15.x before 1.15.1 allows XSS because text/html is the default for CGI/FCGI handlers that lack a Content-Type header.



About   -   Send Feedback to @ubuntu_updates