projects / feed / packages.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b2fc84a) | patch
golang: Update to 1.21.1 22083/head
authorJeffery To <jeffery.to@gmail.com>
Sun, 10 Sep 2023 19:57:45 +0000 (03:57 +0800)
committerJeffery To <jeffery.to@gmail.com>
Sun, 10 Sep 2023 19:57:45 +0000 (03:57 +0800)
commitd9a999521ea3113f3c48b65d468917bf94f83821
tree6c7d14ba8b8d148febffcb2f97f5b7cc43c016b1tree | snapshot
parentb2fc84a21b6f5c6129fb462a854add3a025a8165commit | diff
golang: Update to 1.21.1

Includes fixes for:

* CVE-2023-39318: html/template: improper handling of HTML-like comments
  within script contexts

* CVE-2023-39319: html/template: improper handling of special tags
  within script contexts

* CVE-2023-39320: cmd/go: go.mod toolchain directive allows arbitrary
  execution

* CVE-2023-39321 and CVE-2023-39322: crypto/tls: panic when processing
  partial post-handshake message in QUICConn.HandleData

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
lang/golang/golang/Makefile diff | blob | history
Mirror of packages feed