Package "golang-x-text"
Name: |
golang-x-text
|
Description: |
This package is just an umbrella for a group of other packages,
it has no description. Description samples from packages in group:
- Supplementary Go text-related libraries
- Transitional package for golang-golang-x-text-dev
|
Latest version: |
0.0~git20170627.0.6353ef0-1ubuntu2.1 |
Release: |
bionic (18.04) |
Level: |
updates |
Repository: |
universe |
Links
Other versions of "golang-x-text" in Bionic
Packages in group
Deleted packages are displayed in grey.
Changelog
golang-x-text (0.0~git20170627.0.6353ef0-1ubuntu2.1) bionic-security; urgency=medium
* SECURITY UPDATE: Denial of Service (crash)
- debian/patches/CVE-2020-14040.patch: encoding/unicode: correctly
handle single-byte UTF-16 inputs (and harden transform.String)
- debian/patches/CVE-2020-28852.patch: internal/language: fix
resizeRange index wrong way
- debian/patches/CVE-2020-28851.patch: language: allow variable
number of types per key in -u- extension
- debian/patches/CVE-2021-38561.patch: language: turn parsing panics
into ErrSyntax
- debian/patches/CVE-2022-32149.patch: language: reject excessively
large Accept-Language strings
- CVE-2020-14040
- CVE-2020-28852
- CVE-2020-28851
- CVE-2021-38561
- CVE-2022-32149
-- Eduardo Barretto <email address hidden> Wed, 11 Jan 2023 19:49:49 +0100
|
CVE-2020-14040 |
The x/text package before 0.3.3 for Go has a vulnerability in encoding/unicode that could lead to the UTF-16 decoder entering an infinite loop, causi |
CVE-2020-28852 |
In x/text in Go before v0.3.5, a "slice bounds out of range" panic occurs in language.ParseAcceptLanguage while processing a BCP 47 tag. (x/text/lang |
CVE-2020-28851 |
In x/text in Go 1.15.4, an "index out of range" panic occurs in language.ParseAcceptLanguage while parsing the -u- extension. (x/text/language is sup |
CVE-2021-38561 |
golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculati |
CVE-2022-32149 |
An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse. |
|
About
-
Send Feedback to @ubuntu_updates