Go 1.19.3 and 1.18.8 have been released. Both releases contain 1 security fix that follows the security policy, including security fixes for the os/exec and syscall packages, and bug fixes for the runtime, the announcement reads. syscall, os/exec: unsanitized NUL in environment variable On Windows, syscall.StartProcess and os/exec.Cmd did not properly check for invalid environment variable values, resulting in malicious environment variable values…
#released #security #fixes