[ubuntu/lunar-updates] golang-1.19 1.19.8-1ubuntu0.1 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Tue Jun 6 07:28:21 UTC 2023
golang-1.19 (1.19.8-1ubuntu0.1) lunar-security; urgency=medium
* SECURITY UPDATE: html injection vulnerability
- debian/patches/CVE-2023-24539.patch: disallow angle brackets in CSS
values
- debian/patches/CVE-2023-29400.patch: emit filterFailsafe for empty
unquoted attr value
- CVE-2023-24539
- CVE-2023-29400
* SECURITY UPDATE: javascript injection vulnerability
- debian/patches/CVE-2023-24540.patch: handle all JS whitespace
characters
- CVE-2023-24540
Date: 2023-06-05 10:00:09.011782+00:00
Changed-By: Nishit Majithia <nishit.majithia at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/golang-1.19/1.19.8-1ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the lunar-changes
mailing list