Package "golang-1.10"

Name: golang-1.10


Go programming language compiler - metapackage

Latest version: 1.10.4-2ubuntu1~16.04.2
Release: xenial (16.04)
Level: security
Repository: main
Homepage: https://golang.org


Download "golang-1.10"

Other versions of "golang-1.10" in Xenial

Repository Area Version
updates main 1.10.4-2ubuntu1~16.04.2
backports universe 1.10-1ubuntu1~16.04.1

Packages in group

Deleted packages are displayed in grey.


Version: 1.10.4-2ubuntu1~16.04.2 2021-05-13 20:06:25 UTC

  golang-1.10 (1.10.4-2ubuntu1~16.04.2) xenial-security; urgency=medium

  * SECURITY UPDATE: XSS (LP: #1914372)
    - debian/patches/CVE-2020-24553.patch: Add Content-Type detection in
      net/http/cgi and net/http/fcgi.
    - CVE-2020-24553

 -- Dariusz Gadomski <email address hidden> Wed, 03 Feb 2021 10:11:12 +0100

1914372 Ubuntu packages affected by CVE-2020-24553
CVE-2020-24553 Go before 1.14.8 and 1.15.x before 1.15.1 allows XSS because text/html is the default for CGI/FCGI handlers that lack a Content-Type header.

About   -   Send Feedback to @ubuntu_updates