Change logs for golang-1.21 source package in Focal
-
golang-1.21 (1.21.1-1~ubuntu20.04.2) focal-security; urgency=medium * SECURITY UPDATE: bypass directives restrictions - debian/patches/CVE-2023-39323.patch: cmd/compile: use absolute file name in isCgo check - CVE-2023-39323 * SECURITY UPDATE: denial of service - debian/patches/CVE-2023-39325_44487.patch: http2: limit maximum handler goroutines to MaxConcurrentStreams - CVE-2023-39325 - CVE-2023-44487 * SECURITY UPDATE: out-of-bound read - debian/patches/CVE-2023-39326.patch: net/http: limit chunked data overhead - CVE-2023-39326 * SECURITY UPDATE: bypass secure protocol - debian/patches/CVE-2023-45285.patch: error out if the requested repo does not support a secure protocol - CVE-2023-45285 -- Nishit Majithia <email address hidden> Mon, 08 Jan 2024 11:39:58 +0530
-
golang-1.21 (1.21.1-1~ubuntu20.04.1) focal; urgency=medium * Backport to Focal (LP: #2040269) * d/control{,.in}: downgrade debhelper compat level to 12 * Build with Go 1.18 + d/control{,.in}: use golang-1.18-go in Build-Depends + d/rules: use /usr/lib/go-1.18/bin/go to set GOROOT_BOOTSTRAP path -- Shengjing Zhu <email address hidden> Wed, 25 Oct 2023 16:21:36 +0800