mirror of
https://github.com/openwrt/packages.git
synced 2025-12-23 01:34:31 +04:00
41c5a695dd
Includes fixes for:
* CVE-2023-39318: html/template: improper handling of HTML-like comments
within script contexts
* CVE-2023-39319: html/template: improper handling of special tags
within script contexts
* CVE-2023-39320: cmd/go: go.mod toolchain directive allows arbitrary
execution
* CVE-2023-39321 and CVE-2023-39322: crypto/tls: panic when processing
partial post-handshake message in QUICConn.HandleData
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit d9a999521e)