UbuntuUpdates.org

Package "golang-1.14"

Name: golang-1.14

Description:

Go programming language compiler - metapackage

Latest version: 1.14.7-2ubuntu1.1
Release: groovy (20.10)
Level: updates
Repository: main
Homepage: https://golang.org

Links


Download "golang-1.14"


Other versions of "golang-1.14" in Groovy

Repository Area Version
base main 1.14.7-2ubuntu1
security main 1.14.7-2ubuntu1.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1.14.7-2ubuntu1.1 2021-03-08 20:07:36 UTC

  golang-1.14 (1.14.7-2ubuntu1.1) groovy-security; urgency=medium

  * SECURITY UPDATE: XSS (LP: #1914372)
    - debian/patches/CVE-2020-24553.patch: Add Content-Type detection in
      net/http/cgi and net/http/fcgi.
    - CVE-2020-24553

 -- Dariusz Gadomski <email address hidden> Wed, 03 Feb 2021 09:59:58 +0100

1914372 Ubuntu packages affected by CVE-2020-24553
CVE-2020-24553 Go before 1.14.8 and 1.15.x before 1.15.1 allows XSS because text/html is the default for CGI/FCGI handlers that lack a Content-Type header.



About   -   Send Feedback to @ubuntu_updates