[ubuntu/kinetic-security] golang-1.13 1.13.8-1ubuntu2.22.10.1 (Accepted)
David Fernandez Gonzalez
david.fernandezgonzalez at canonical.com
Tue Nov 15 08:33:50 UTC 2022
golang-1.13 (1.13.8-1ubuntu2.22.10.1) kinetic-security; urgency=medium
* SECURITY UPDATE: Infinite read loop via invalid inputs
- debian/patches/CVE-2020-16845.patch: ensure that ReadUvarint
reads a limited amount of data in src/encoding/binary/varint.go.
- CVE-2020-16845
* debian/control.in: Add gcc-10 and g++-10 as gcc-11 and g++-11 are
the new default versions. DWARF5 is not compatible and is used by
11 versions.
* debian/rules: Enforce the use of gcc-10 and g++-10.
Date: 2022-11-09 17:31:09.924443+00:00
Changed-By: David Fernandez Gonzalez <david.fernandezgonzalez at canonical.com>
https://launchpad.net/ubuntu/+source/golang-1.13/1.13.8-1ubuntu2.22.10.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the kinetic-changes
mailing list