Package "golang-1.20-doc"

Name: golang-1.20-doc


Go programming language - documentation

Latest version: 1.20.3-1ubuntu0.1
Release: lunar (23.04)
Level: updates
Repository: main
Head package: golang-1.20
Homepage: https://go.dev/


Download "golang-1.20-doc"

Other versions of "golang-1.20-doc" in Lunar

Repository Area Version
base main 1.20.3-1
security main 1.20.3-1ubuntu0.1


Version: 1.20.3-1ubuntu0.1 2023-06-06 10:07:13 UTC

  golang-1.20 (1.20.3-1ubuntu0.1) lunar-security; urgency=medium

  * SECURITY UPDATE: html injection vulnerability
    - debian/patches/CVE-2023-24539.patch: disallow angle brackets in CSS
    - debian/patches/CVE-2023-29400.patch: emit filterFailsafe for empty
      unquoted attr value
    - CVE-2023-24539
    - CVE-2023-29400
  * SECURITY UPDATE: javascript injection vulnerability
    - debian/patches/CVE-2023-24540.patch: handle all JS whitespace
    - CVE-2023-24540

 -- Nishit Majithia <email address hidden> Wed, 31 May 2023 17:28:05 +0530

CVE-2023-24539 Angle brackets (<>) are not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/'
CVE-2023-29400 Templates containing actions in unquoted HTML attributes (e.g. "attr={{.}}") executed with empty input can result in output with unexpected results w
CVE-2023-24540 Not all valid JavaScript whitespace characters are considered to be whitespace. Templates containing whitespace characters outside of the character s

About   -   Send Feedback to @ubuntu_updates