This bug was fixed in the package golang-1.14 - 1.14.3-2ubuntu2~20.04.2
---------------
golang-1.14 (1.14.3-2ubuntu2~20.04.2) focal-security; urgency=medium
* SECURITY UPDATE: XSS (LP: #1914372)
- debian/patches/CVE-2020-24553.patch: Add Content-Type detection in
net/http/cgi and net/http/fcgi.
- CVE-2020-24553
-- Dariusz Gadomski <[email protected]> Wed, 03 Feb 2021 10:03:32
+0100
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1914372
Title:
Ubuntu packages affected by CVE-2020-24553
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/golang-1.14/+bug/1914372/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
