[ubuntu/lunar-security] golang-1.19 1.19.8-1ubuntu0.1 (Accepted)
Nishit Majithia
nishit.majithia at canonical.com
Tue Jun 6 06:13:10 UTC 2023
golang-1.19 (1.19.8-1ubuntu0.1) lunar-security; urgency=medium
* SECURITY UPDATE: html injection vulnerability
- debian/patches/CVE-2023-24539.patch: disallow angle brackets in CSS
values
- debian/patches/CVE-2023-29400.patch: emit filterFailsafe for empty
unquoted attr value
- CVE-2023-24539
- CVE-2023-29400
* SECURITY UPDATE: javascript injection vulnerability
- debian/patches/CVE-2023-24540.patch: handle all JS whitespace
characters
- CVE-2023-24540
Date: 2023-06-05 10:00:09.011782+00:00
Changed-By: Nishit Majithia <nishit.majithia at canonical.com>
https://launchpad.net/ubuntu/+source/golang-1.19/1.19.8-1ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the lunar-changes
mailing list