[Bug 2015340] [NEW] Sync golang-1.19 1.19.8-1 (main) from Debian experimental (main)
Launchpad Bug Tracker
2015340 at bugs.launchpad.net
Wed Apr 5 10:52:39 UTC 2023
You have been subscribed to a public bug by Shengjing Zhu (zhsj):
Please sync golang-1.19 1.19.8-1 (main) from Debian experimental (main)
Changelog entries since current lunar version 1.19.7-1:
golang-1.19 (1.19.8-1) experimental; urgency=medium
* Team upload
* New upstream version 1.19.8
+ CVE-2023-24537: go/parser: infinite loop in parsing
+ CVE-2023-24538: html/template: backticks not treated as string delimiters
+ CVE-2023-24534: net/http, net/textproto: denial of service from excessive
memory allocation
+ CVE-2023-24536: net/http, net/textproto, mime/multipart: denial of
service from excessive resource consumption
-- Shengjing Zhu <zhsj at debian.org> Wed, 05 Apr 2023 02:15:56 +0800
** Affects: golang-1.19 (Ubuntu)
Importance: Undecided
Status: New
--
Sync golang-1.19 1.19.8-1 (main) from Debian experimental (main)
https://bugs.launchpad.net/bugs/2015340
You received this bug notification because you are a member of Ubuntu Sponsors Team, which is subscribed to the bug report.
More information about the Ubuntu-sponsors
mailing list