golang-1.17 1.17.13-3ubuntu1.2 source package in Ubuntu
Changelog
golang-1.17 (1.17.13-3ubuntu1.2) jammy-security; urgency=medium * SECURITY UPDATE: Code Injection, XSS, Denial of Service - debian/patches/CVE-2023-24531.patch: cmd/go: sanitize go env outputs - debian/patches/CVE-2023-24538.patch: html/template: disallow actions in JS template literals - debian/patches/CVE-2023-29402.patch: cmd/go: disallow package directories containing newlines - debian/patches/CVE-2023-29403.patch: runtime: implement SUID/SGID protections. Thanks to Tang Xi from OpenEuler for the backport. - debian/patches/CVE-2023-29404.patch: cmd/go: enforce flags with non-optional arguments - debian/patches/CVE-2023-29405-1.patch: cmd/go,cmd/cgo: in _cgo_flags use one line per flag - debian/patches/CVE-2023-29405-2.patch: cmd/cgo: correct _cgo_flags output - debian/patches/CVE-2023-29406.patch: net/http: validate Host header before sending - debian/patches/CVE-2023-39318.patch: html/template: support HTML-like comments in script contexts - debian/patches/CVE-2023-39319.patch: html/template: properly handle special tags within the script context - debian/patches/CVE-2023-39325.patch: net/http: regenerate h2_bundle.go - debian/patches/CVE-2024-24785.patch: html/template: escape additional tokens in MarshalJSON errors - CVE-2023-24531 - CVE-2023-24538 - CVE-2023-29402 - CVE-2023-29403 - CVE-2023-29404 - CVE-2023-29405 - CVE-2023-29406 - CVE-2023-39318 - CVE-2023-39319 - CVE-2023-39325 - CVE-2024-24785 * debian/patches/0007-backport-syscall-package-1.patch, debian/patches/0008-backport-syscall-package-2.patch, debian/patches/0009-backport-syscall-package-3.patch, debian/patches/0010-backport-syscall-package-4.patch, debian/patches/0011-backport-syscall-package-5.patch, debian/patches/0012-backport-syscall-package-6.patch: backport syscall pacakge for the fix for CVE-2023-29403 from upstream. -- Allen Huang <email address hidden> Tue, 24 Sep 2024 14:26:38 +0100
Upload details
- Uploaded by:
- Allen Huang
- Uploaded to:
- Jammy
- Original maintainer:
- Ubuntu Developers
- Architectures:
- amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64 ppc64el riscv64 s390x all
- Section:
- golang
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
golang-1.17_1.17.13.orig.tar.gz | 21.2 MiB | a1a48b23afb206f95e7bbaa9b898d965f90826f6f1d1fc0c1d784ada0cd300fd |
golang-1.17_1.17.13.orig.tar.gz.asc | 819 bytes | bb64ccde19f26f76031d05ff52e813d75970220be12f1aca61eddfe9f3b009f0 |
golang-1.17_1.17.13-3ubuntu1.2.debian.tar.xz | 73.9 KiB | 0e60730f55e440f9080955a6229a65f7258da3bf1669e6d83882da0a526b7c2c |
golang-1.17_1.17.13-3ubuntu1.2.dsc | 2.9 KiB | cc5af06ac01f88260ee1005baa202b605ccc66f1028416dfc8d7cddafad05eb3 |
Available diffs
Binary packages built by this source
- golang-1.17: Go programming language compiler - metapackage
The Go programming language is an open source project to make
programmers more productive. Go is expressive, concise, clean, and
efficient. Its concurrency mechanisms make it easy to write programs
that get the most out of multicore and networked machines, while its
novel type system enables flexible and modular program construction.
Go compiles quickly to machine code yet has the convenience of
garbage collection and the power of run-time reflection. It's a
fast, statically typed, compiled language that feels like a
dynamically typed, interpreted language.
.
This package is a metapackage that, when installed, guarantees
that (most of) a full Go development environment is installed.
.
To use this version, instead of the default one provided by golang-go
package, add /usr/lib/go-1.17/ bin/ to PATH, or invoke /usr/lib/ go-1.17/ bin/go
directly.
- golang-1.17-doc: Go programming language - documentation
The Go programming language is an open source project to make
programmers more productive. Go is expressive, concise, clean, and
efficient. Its concurrency mechanisms make it easy to write programs
that get the most out of multicore and networked machines, while its
novel type system enables flexible and modular program construction.
Go compiles quickly to machine code yet has the convenience of
garbage collection and the power of run-time reflection. It's a fast,
statically typed, compiled language that feels like a dynamically
typed, interpreted language.
.
This package provides the documentation for the Go programming
language.
- golang-1.17-go: Go programming language compiler, linker, compiled stdlib
The Go programming language is an open source project to make programmers more
productive. Go is expressive, concise, clean, and efficient. Its concurrency
mechanisms make it easy to write programs that get the most out of multicore
and networked machines, while its novel type system enables flexible and
modular program construction. Go compiles quickly to machine code yet has the
convenience of garbage collection and the power of run-time reflection. It's a
fast, statically typed, compiled language that feels like a dynamically typed,
interpreted language.
.
This package provides an assembler, compiler, linker, and compiled libraries
for the Go programming language.
.
To use this version, instead of the default one provided by golang-go package,
add /usr/lib/go-1.17/ bin/ to PATH, or invoke /usr/lib/ go-1.17/ bin/go directly.
- golang-1.17-go-dbgsym: debug symbols for golang-1.17-go
- golang-1.17-src: Go programming language - source files
The Go programming language is an open source project to make programmers more
productive. Go is expressive, concise, clean, and efficient. Its concurrency
mechanisms make it easy to write programs that get the most out of multicore
and networked machines, while its novel type system enables flexible and
modular program construction. Go compiles quickly to machine code yet has the
convenience of garbage collection and the power of run-time reflection. It's a
fast, statically typed, compiled language that feels like a dynamically typed,
interpreted language.
.
This package provides the Go programming language source files needed for
compilation.