Package "golang-1.19"

Name: golang-1.19


This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Go programming language - documentation

Latest version: 1.19.8-1ubuntu0.1
Release: lunar (23.04)
Level: security
Repository: main


Other versions of "golang-1.19" in Lunar

Repository Area Version
base main 1.19.8-1
base universe 1.19.8-1
security universe 1.19.8-1ubuntu0.1
updates main 1.19.8-1ubuntu0.1
updates universe 1.19.8-1ubuntu0.1

Packages in group

Deleted packages are displayed in grey.


Version: 1.19.8-1ubuntu0.1 2023-06-06 08:07:01 UTC

  golang-1.19 (1.19.8-1ubuntu0.1) lunar-security; urgency=medium

  * SECURITY UPDATE: html injection vulnerability
    - debian/patches/CVE-2023-24539.patch: disallow angle brackets in CSS
    - debian/patches/CVE-2023-29400.patch: emit filterFailsafe for empty
      unquoted attr value
    - CVE-2023-24539
    - CVE-2023-29400
  * SECURITY UPDATE: javascript injection vulnerability
    - debian/patches/CVE-2023-24540.patch: handle all JS whitespace
    - CVE-2023-24540

 -- Nishit Majithia <email address hidden> Mon, 05 Jun 2023 15:11:27 +0530

CVE-2023-24539 Angle brackets (<>) are not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/'
CVE-2023-29400 Templates containing actions in unquoted HTML attributes (e.g. "attr={{.}}") executed with empty input can result in output with unexpected results w
CVE-2023-24540 Not all valid JavaScript whitespace characters are considered to be whitespace. Templates containing whitespace characters outside of the character s

About   -   Send Feedback to @ubuntu_updates