Explore top 10 tips to secure your open-source projects now. Read More
×
Several security issues were fixed in Go Text.
Software Description:
- golang-golang-x-text: Supplementary Go text-related libraries
- golang-x-text: Supplementary Go text-related libraries
Details:
It was discovered that Go Text incorrectly handled certain encodings. An
attacker could possibly use this issue to cause a denial of service. This
issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-14040)
It was discovered that Go Text incorrectly handled certain BCP 47 language
tags. An attacker could possibly use this issue to cause a denial of service.
CVE-2020-28851, CVE-2020-28852 and CVE-2021-38561 affected only
Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.
(CVE-2020-28851, CVE-2020-28852, CVE-2021-38561, CVE-2022-32149)
The problem can be corrected by updating your system to the following package versions: Ubuntu 22.10: golang-golang-x-text-dev 0.3.7-1ubuntu0.22.10.1 Ubuntu 22.04 LTS: golang-golang-x-text-dev 0.3.7-1ubuntu0.20.04.1 Ubuntu 20.04 LTS: golang-golang-x-text-dev 0.3.2-4ubuntu0.1 Ubuntu 18.04 LTS: golang-golang-x-text-dev 0.0~git20170627.0.6353ef0-1ubuntu2.1 golang-x-text-dev 0.0~git20170627.0.6353ef0-1ubuntu2.1 In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-5873-1
CVE-2020-14040, CVE-2020-28851, CVE-2020-28852, CVE-2021-38561,
CVE-2022-32149
Get the latest Linux and open source security news straight to your inbox.