Ubuntu
golang-1.19 package

Change logs for golang-1.19 source package in Kinetic

  1. Kinetic (22.10)
  2. Change log 
  • golang-1.19 (1.19.2-1ubuntu1.1) kinetic-security; urgency=medium

  * SECURITY UPDATE: html injection vulnerability
    - debian/patches/CVE-2023-24539.patch: disallow angle brackets in CSS
      values
    - debian/patches/CVE-2023-29400.patch: emit filterFailsafe for empty
      unquoted attr value
    - CVE-2023-24539
    - CVE-2023-29400
  * SECURITY UPDATE: javascript injection vulnerability
    - debian/patches/CVE-2023-24540.patch: handle all JS whitespace
      characters
    - CVE-2023-24540
  * SECURITY UPDATE: large handshake records cause panic
    - debian/patches/CVE-2022-41724.patch: replace all usages of
      BytesOrPanic
    - CVE-2022-41724
  * SECURITY UPDATE: denial of service from excessive resource consumption
    - debian/patches/CVE-2022-41725.patch: imit memory/inode consumption of
      ReadForm
    - CVE-2022-41725
  * SECURITY UPDATE: DoS issue due to panic
    - debian/patches/CVE-2023-24534.patch: avoid overpredicting the number
      of MIME header keys
    - CVE-2023-24534
  * SECURITY UPDATE: integer overflow issue
    - debian/patches/CVE-2023-24537.patch: reject large line and column
      number in //line directives
    - CVE-2023-24537
  * SECURITY UPDATE: code injection vulnerability
    - debian/patches/CVE-2023-24538.patch: disallow actions in JS template
      literals
    - CVE-2023-24538

 -- Nishit Majithia <email address hidden>  Mon, 05 Jun 2023 09:49:37 +0530
  • golang-1.19 (1.19.2-1ubuntu1) kinetic; urgency=medium

  * Merge from Debian unstable. Remaining changes:
    - 0001-cmd-link-check-CGO_CFLAGS-for-non-g-I-O-options-befo.patch
      disable internal linking when dynamically linking and CGO_CFLAGS
      contains flags that might make host object files that the internal
      linkers ELF reader does not support. This fixes lots of package builds
      when LTO is enabled by default via dpkg-buildflags.
    - d/rules: Add NO_PNG_PKG_MANGLE to prevent a test file from being
      compressed.

 -- William 'jawn-smith' Wilson <email address hidden>  Wed, 05 Oct 2022 15:02:12 -0500
  • golang-1.19 (1.19.1-1ubuntu1) kinetic; urgency=medium

  * Merge from Debian unstable. Remaining changes:
    - 0001-cmd-link-check-CGO_CFLAGS-for-non-g-I-O-options-befo.patch
      disable internal linking when dynamically linking and CGO_CFLAGS
      contains flags that might make host object files that the internal
      linkers ELF reader does not support. This fixes lots of package builds
      when LTO is enabled by default via dpkg-buildflags.
    - d/rules: Add NO_PNG_PKG_MANGLE to prevent a test file from being
      compressed.

 -- William 'jawn-smith' Wilson <email address hidden>  Tue, 13 Sep 2022 15:08:37 -0500
  • golang-1.19 (1.19-1ubuntu2) kinetic; urgency=medium

  * Merge from Debian unstable. Remaining changes:
    - 0001-cmd-link-check-CGO_CFLAGS-for-non-g-I-O-options-befo.patch
      disable internal linking when dynamically linking and CGO_CFLAGS
      contains flags that might make host object files that the internal
      linkers ELF reader does not support. This fixes lots of package builds
      when LTO is enabled by default via dpkg-buildflags.
    - d/rules: Add NO_PNG_PKG_MANGLE to prevent a test file from being
      compressed.

 -- William 'jawn-smith' Wilson <email address hidden>  Wed, 03 Aug 2022 09:04:08 -0500
  • golang-1.19 (1.19-1ubuntu1~ppa5) kinetic; urgency=medium

  * Add CGO_FLAGS patch once again.

 -- William 'jawn-smith' Wilson <email address hidden>  Mon, 08 Aug 2022 17:44:06 -0500
  • golang-1.19 (1.19~rc2-1ubuntu1) kinetic; urgency=medium

  * Merge from Debian unstable. Remaining changes:
    - 0001-cmd-link-check-CGO_CFLAGS-for-non-g-I-O-options-befo.patch
      disable internal linking when dynamically linking and CGO_CFLAGS
      contains flags that might make host object files that the internal
      linkers ELF reader does not support. This fixes lots of package builds
      when LTO is enabled by default via dpkg-buildflags.
    - d/rules: Add NO_PNG_PKG_MANGLE to prevent a test file from being
      compressed.

 -- William 'jawn-smith' Wilson <email address hidden>  Wed, 13 Jul 2022 16:21:52 -0500
  • golang-1.19 (1.19~rc1-1ubuntu1) kinetic; urgency=medium

  * Merge from Debian unstable. Remaining changes:
    - 0001-cmd-link-check-CGO_CFLAGS-for-non-g-I-O-options-befo.patch
      disable internal linking when dynamically linking and CGO_CFLAGS
      contains flags that might make host object files that the internal
      linkers ELF reader does not support. This fixes lots of package builds
      when LTO is enabled by default via dpkg-buildflags.
    - d/rules: Add NO_PNG_PKG_MANGLE to prevent a test file from being
      compressed.

 -- William 'jawn-smith' Wilson <email address hidden>  Fri, 08 Jul 2022 09:58:02 -0500
  • golang-1.19 (1.19~beta1-1ubuntu1) kinetic; urgency=medium

  * Merge from Debian unstable. Remaining changes:
    - 0001-cmd-link-check-CGO_CFLAGS-for-non-g-I-O-options-befo.patch
      disable internal linking when dynamically linking and CGO_CFLAGS
      contains flags that might make host object files that the internal
      linkers ELF reader does not support. This fixes lots of package builds
      when LTO is enabled by default via dpkg-buildflags.
    - d/rules: Add NO_PNG_PKG_MANGLE to prevent a test file from being
      compressed.

 -- William 'jawn-smith' Wilson <email address hidden>  Wed, 15 Jun 2022 09:31:28 -0500
  • golang-1.19 (1.19~beta1-1) unstable; urgency=medium

  * New upstream version 1.19 beta1

 -- William 'jawn-smith' Wilson <email address hidden>  Fri, 10 Jun 2022 13:52:13 -0500