Bugs fixes in "golang-1.22"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2025-4673 | Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information. | 2025-06-19 |
| CVE | CVE-2025-22870 | Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NO_PROXY environment var | 2025-06-19 |
| CVE | CVE-2025-22866 | Due to the usage of a variable time instruction in the assembly implementation of an internal function, a small number of bits of secret scalars are | 2025-06-19 |
| CVE | CVE-2024-45341 | A certificate with a URI which has a IPv6 address with a zone ID may incorrectly satisfy a URI name constraint that applies to the certificate chain. | 2025-06-19 |
| CVE | CVE-2024-45336 | The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to a.com/ containing an Authorization header | 2025-06-19 |
| CVE | CVE-2025-4673 | Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information. | 2025-06-19 |
| CVE | CVE-2025-22870 | Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NO_PROXY environment var | 2025-06-19 |
| CVE | CVE-2025-22866 | Due to the usage of a variable time instruction in the assembly implementation of an internal function, a small number of bits of secret scalars are | 2025-06-19 |
| CVE | CVE-2024-45341 | A certificate with a URI which has a IPv6 address with a zone ID may incorrectly satisfy a URI name constraint that applies to the certificate chain. | 2025-06-19 |
| CVE | CVE-2024-45336 | The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to a.com/ containing an Authorization header | 2025-06-19 |
| CVE | CVE-2025-4673 | Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information. | 2025-06-19 |
| CVE | CVE-2025-22870 | Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NO_PROXY environment var | 2025-06-19 |
| CVE | CVE-2025-22866 | Due to the usage of a variable time instruction in the assembly implementation of an internal function, a small number of bits of secret scalars are | 2025-06-19 |
| CVE | CVE-2024-45341 | A certificate with a URI which has a IPv6 address with a zone ID may incorrectly satisfy a URI name constraint that applies to the certificate chain. | 2025-06-19 |
| CVE | CVE-2024-45336 | The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to a.com/ containing an Authorization header | 2025-06-19 |
| CVE | CVE-2025-4673 | Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information. | 2025-06-19 |
| CVE | CVE-2025-22870 | Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NO_PROXY environment var | 2025-06-19 |
| CVE | CVE-2025-22866 | Due to the usage of a variable time instruction in the assembly implementation of an internal function, a small number of bits of secret scalars are | 2025-06-19 |
| CVE | CVE-2024-45341 | A certificate with a URI which has a IPv6 address with a zone ID may incorrectly satisfy a URI name constraint that applies to the certificate chain. | 2025-06-19 |
| CVE | CVE-2024-45336 | The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to a.com/ containing an Authorization header | 2025-06-19 |
About
-
Send Feedback to @ubuntu_updates
