UbuntuUpdates.org

Package "golang-1.19"

Name: golang-1.19

Description:

Go programming language compiler - metapackage

Latest version: 1.19.8-1ubuntu0.1
Release: lunar (23.04)
Level: updates
Repository: universe
Homepage: https://go.dev/

Links


Download "golang-1.19"


Other versions of "golang-1.19" in Lunar

Repository Area Version
base main 1.19.8-1
base universe 1.19.8-1
security universe 1.19.8-1ubuntu0.1
security main 1.19.8-1ubuntu0.1
updates main 1.19.8-1ubuntu0.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1.19.8-1ubuntu0.1 2023-06-06 10:07:13 UTC

  golang-1.19 (1.19.8-1ubuntu0.1) lunar-security; urgency=medium

  * SECURITY UPDATE: html injection vulnerability
    - debian/patches/CVE-2023-24539.patch: disallow angle brackets in CSS
      values
    - debian/patches/CVE-2023-29400.patch: emit filterFailsafe for empty
      unquoted attr value
    - CVE-2023-24539
    - CVE-2023-29400
  * SECURITY UPDATE: javascript injection vulnerability
    - debian/patches/CVE-2023-24540.patch: handle all JS whitespace
      characters
    - CVE-2023-24540

 -- Nishit Majithia <email address hidden> Mon, 05 Jun 2023 15:11:27 +0530

CVE-2023-24539 Angle brackets (<>) are not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/'
CVE-2023-29400 Templates containing actions in unquoted HTML attributes (e.g. "attr={{.}}") executed with empty input can result in output with unexpected results w
CVE-2023-24540 Not all valid JavaScript whitespace characters are considered to be whitespace. Templates containing whitespace characters outside of the character s



About   -   Send Feedback to @ubuntu_updates