Bug 1215084 (CVE-2023-39318) - VUL-0: CVE-2023-39318: go1.20,go1.21: html/template: improper handling of HTML-like comments within script contexts
Summary: VUL-0: CVE-2023-39318: go1.20,go1.21: html/template: improper handling of HTM...
Status: NEW
Alias: CVE-2023-39318
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P3 - Medium : Normal
Target Milestone: ---
Assignee: Jeff Kowalczyk
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/377579/
Whiteboard: CVSSv3.1:SUSE:CVE-2023-39318:6.8:(AV:...
Keywords:
Depends on:
Blocks:
 
Reported: 2023-09-06 23:24 UTC by Jeff Kowalczyk
Modified: 2024-05-17 12:00 UTC (History)
5 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---
stoyan.manolov: needinfo? (jkowalczyk)

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Jeff Kowalczyk 2023-09-06 23:24:29 UTC 
The html/template package did not properly handle HMTL-like "<!--" and "-->" comment tokens, nor hashbang "#!" comment tokens, in <script> contexts. This may cause the template parser to improperly interpret the contents of <script> contexts, causing actions to be improperly escaped. This could be leveraged to perform an XSS attack.

Thanks to Takeshi Kaneko (GMO Cybersecurity by Ierae, Inc.) for reporting this issue.

This is CVE-2023-39318 and Go issue https://go.dev/issue/62196.
Comment 1 OBSbugzilla Bot 2023-09-07 22:05:10 UTC 
This is an autogenerated message for OBS integration:
This bug (1215084) was mentioned in
https://build.opensuse.org/request/show/1109621 Factory / go1.20
Comment 4 Maintenance Automation 2023-09-20 12:30:44 UTC 
SUSE-SU-2023:3701-1: An update that solves five vulnerabilities and has one security fix can now be installed.

Category: security (important)
Bug References: 1212475, 1215084, 1215085, 1215086, 1215087, 1215090
CVE References: CVE-2023-39318, CVE-2023-39319, CVE-2023-39320, CVE-2023-39321, CVE-2023-39322
Sources used:
Development Tools Module 15-SP5 (src): go1.21-1.21.1-150000.1.6.1
openSUSE Leap 15.4 (src): go1.21-1.21.1-150000.1.6.1
openSUSE Leap 15.5 (src): go1.21-1.21.1-150000.1.6.1
Development Tools Module 15-SP4 (src): go1.21-1.21.1-150000.1.6.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 5 Maintenance Automation 2023-09-20 12:30:47 UTC 
SUSE-SU-2023:3700-1: An update that solves two vulnerabilities and has two security fixes can now be installed.

Category: security (important)
Bug References: 1206346, 1215084, 1215085, 1215090
CVE References: CVE-2023-39318, CVE-2023-39319
Sources used:
openSUSE Leap 15.4 (src): go1.20-1.20.8-150000.1.23.1
openSUSE Leap 15.5 (src): go1.20-1.20.8-150000.1.23.1
Development Tools Module 15-SP4 (src): go1.20-1.20.8-150000.1.23.1
Development Tools Module 15-SP5 (src): go1.20-1.20.8-150000.1.23.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 7 Maintenance Automation 2023-09-27 20:30:16 UTC 
SUSE-SU-2023:3840-1: An update that solves three vulnerabilities and has two security fixes can now be installed.

Category: security (important)
Bug References: 1206346, 1213880, 1215084, 1215085, 1215090
CVE References: CVE-2023-29409, CVE-2023-39318, CVE-2023-39319
Sources used:
openSUSE Leap 15.4 (src): go1.20-openssl-1.20.8.1-150000.1.11.1
openSUSE Leap 15.5 (src): go1.20-openssl-1.20.8.1-150000.1.11.1
Development Tools Module 15-SP4 (src): go1.20-openssl-1.20.8.1-150000.1.11.1
Development Tools Module 15-SP5 (src): go1.20-openssl-1.20.8.1-150000.1.11.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 9 OBSbugzilla Bot 2023-10-31 15:35:19 UTC 
This is an autogenerated message for OBS integration:
This bug (1215084) was mentioned in
https://build.opensuse.org/request/show/1121461 Backports:SLE-12 / go1.21
Comment 12 Marcus Meissner 2023-11-09 14:05:13 UTC 
openSUSE-SU-2023:0360-1: An update that solves 8 vulnerabilities and has two fixes is now available.

Category: security (moderate)
Bug References: 1212475,1212667,1212669,1215084,1215085,1215086,1215087,1215090,1215985,1216109
CVE References: CVE-2023-39318,CVE-2023-39319,CVE-2023-39320,CVE-2023-39321,CVE-2023-39322,CVE-2023-39323,CVE-2023-39325,CVE-2023-44487
JIRA References: 
Sources used:
SUSE Package Hub for SUSE Linux Enterprise 12 (src):    go-1.21-41.1, go1.21-1.21.3-2.1
Comment 14 Maintenance Automation 2023-11-16 20:30:11 UTC 
SUSE-SU-2023:4469-1: An update that solves 10 vulnerabilities, contains one feature and has two security fixes can now be installed.

Category: security (moderate)
Bug References: 1212475, 1212667, 1212669, 1215084, 1215085, 1215086, 1215087, 1215090, 1215985, 1216109, 1216943, 1216944
CVE References: CVE-2023-39318, CVE-2023-39319, CVE-2023-39320, CVE-2023-39321, CVE-2023-39322, CVE-2023-39323, CVE-2023-39325, CVE-2023-44487, CVE-2023-45283, CVE-2023-45284
Jira References: SLE-18320
Sources used:
openSUSE Leap 15.4 (src): go1.21-openssl-1.21.4.1-150000.1.5.1
openSUSE Leap 15.5 (src): go1.21-openssl-1.21.4.1-150000.1.5.1
Development Tools Module 15-SP4 (src): go1.21-openssl-1.21.4.1-150000.1.5.1
Development Tools Module 15-SP5 (src): go1.21-openssl-1.21.4.1-150000.1.5.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.