[ubuntu/focal-security] golang-golang-x-text 0.3.2-4ubuntu0.1 (Accepted)
Eduardo Barretto
eduardo.barretto at canonical.com
Thu Feb 16 09:37:57 UTC 2023
golang-golang-x-text (0.3.2-4ubuntu0.1) focal-security; urgency=medium
* SECURITY UPDATE: Denial of Service (crash)
- debian/patches/CVE-2020-14040.patch: encoding/unicode: correctly
handle single-byte UTF-16 inputs (and harden transform.String)
- debian/patches/CVE-2020-28852.patch: internal/language: fix
resizeRange index wrong way
- debian/patches/CVE-2020-28851.patch: language: allow variable
number of types per key in -u- extension
- debian/patches/CVE-2021-38561.patch: language: turn parsing panics
into ErrSyntax
- debian/patches/CVE-2022-32149.patch: language: reject excessively
large Accept-Language strings
- CVE-2020-14040
- CVE-2020-28852
- CVE-2020-28851
- CVE-2021-38561
- CVE-2022-32149
Date: 2023-01-12 17:43:09.045201+00:00
Changed-By: Eduardo Barretto <eduardo.barretto at canonical.com>
https://launchpad.net/ubuntu/+source/golang-golang-x-text/0.3.2-4ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Focal-changes
mailing list