Package "golang-1.19-doc"

Name: golang-1.19-doc


Go programming language - documentation

Latest version: 1.19.8-1ubuntu0.1
Release: lunar (23.04)
Level: security
Repository: main
Head package: golang-1.19
Homepage: https://go.dev/


Download "golang-1.19-doc"

Other versions of "golang-1.19-doc" in Lunar

Repository Area Version
base main 1.19.8-1
updates main 1.19.8-1ubuntu0.1


Version: 1.19.8-1ubuntu0.1 2023-06-06 08:07:01 UTC

  golang-1.19 (1.19.8-1ubuntu0.1) lunar-security; urgency=medium

  * SECURITY UPDATE: html injection vulnerability
    - debian/patches/CVE-2023-24539.patch: disallow angle brackets in CSS
    - debian/patches/CVE-2023-29400.patch: emit filterFailsafe for empty
      unquoted attr value
    - CVE-2023-24539
    - CVE-2023-29400
  * SECURITY UPDATE: javascript injection vulnerability
    - debian/patches/CVE-2023-24540.patch: handle all JS whitespace
    - CVE-2023-24540

 -- Nishit Majithia <email address hidden> Mon, 05 Jun 2023 15:11:27 +0530

CVE-2023-24539 Angle brackets (<>) are not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/'
CVE-2023-29400 Templates containing actions in unquoted HTML attributes (e.g. "attr={{.}}") executed with empty input can result in output with unexpected results w
CVE-2023-24540 Not all valid JavaScript whitespace characters are considered to be whitespace. Templates containing whitespace characters outside of the character s

About   -   Send Feedback to @ubuntu_updates