This bug was fixed in the package golang-1.14 - 1.14.3-2ubuntu2~20.04.2
--------------- golang-1.14 (1.14.3-2ubuntu2~20.04.2) focal-security; urgency=medium
* SECURITY UPDATE: XSS (LP: #1914372) - debian/patches/CVE-2020-24553.patch: Add Content-Type detection in net/http/cgi and net/http/fcgi. - CVE-2020-24553
-- Dariusz Gadomski <email address hidden> Wed, 03 Feb 2021 10:03:32 +0100
This bug was fixed in the package golang-1.14 - 1.14.3- 2ubuntu2~ 20.04.2
--------------- 2ubuntu2~ 20.04.2) focal-security; urgency=medium
golang-1.14 (1.14.3-
* SECURITY UPDATE: XSS (LP: #1914372) patches/ CVE-2020- 24553.patch: Add Content-Type detection in
- debian/
net/http/cgi and net/http/fcgi.
- CVE-2020-24553
-- Dariusz Gadomski <email address hidden> Wed, 03 Feb 2021 10:03:32 +0100