UbuntuUpdates.org

Package "golang-1.10-src"

Name: golang-1.10-src

Description:

Go programming language - source files

Latest version: 1.10.4-2ubuntu1~16.04.2
Release: xenial (16.04)
Level: updates
Repository: main
Head package: golang-1.10
Homepage: https://golang.org

Links


Download "golang-1.10-src"


Other versions of "golang-1.10-src" in Xenial

Repository Area Version
security main 1.10.4-2ubuntu1~16.04.2
backports universe 1.10-1ubuntu1~16.04.1

Changelog

Version: 1.10.4-2ubuntu1~16.04.2 2021-05-13 21:06:23 UTC

  golang-1.10 (1.10.4-2ubuntu1~16.04.2) xenial-security; urgency=medium

  * SECURITY UPDATE: XSS (LP: #1914372)
    - debian/patches/CVE-2020-24553.patch: Add Content-Type detection in
      net/http/cgi and net/http/fcgi.
    - CVE-2020-24553

 -- Dariusz Gadomski <email address hidden> Wed, 03 Feb 2021 10:11:12 +0100

1914372 Ubuntu packages affected by CVE-2020-24553
CVE-2020-24553 Go before 1.14.8 and 1.15.x before 1.15.1 allows XSS because text/html is the default for CGI/FCGI handlers that lack a Content-Type header.



About   -   Send Feedback to @ubuntu_updates