This bug was fixed in the package golang-1.10 - 1.10.4-2ubuntu1~16.04.2
--------------- golang-1.10 (1.10.4-2ubuntu1~16.04.2) xenial-security; urgency=medium
* SECURITY UPDATE: XSS (LP: #1914372) - debian/patches/CVE-2020-24553.patch: Add Content-Type detection in net/http/cgi and net/http/fcgi. - CVE-2020-24553
-- Dariusz Gadomski <email address hidden> Wed, 03 Feb 2021 10:11:12 +0100
This bug was fixed in the package golang-1.10 - 1.10.4- 2ubuntu1~ 16.04.2
--------------- 2ubuntu1~ 16.04.2) xenial-security; urgency=medium
golang-1.10 (1.10.4-
* SECURITY UPDATE: XSS (LP: #1914372) patches/ CVE-2020- 24553.patch: Add Content-Type detection in
- debian/
net/http/cgi and net/http/fcgi.
- CVE-2020-24553
-- Dariusz Gadomski <email address hidden> Wed, 03 Feb 2021 10:11:12 +0100