This update for go1.19 fixes the following issues: Update to 1.19.9 : \- CVE-2023-24539: fixed an improper sanitization of CSS values . \- CVE-2023-24540: fixed an improper handling of JavaScript whitespace . \- CVE-2023-29400: fixed an improper handling of empty HTML attributes . \- runtime: automatically bump RLIMIT_NOFILE on Unix \- cmd/compile: inlining function that references function literals generates bad code. \- cmd/compile: encoding/binary.PutUint16 sometimes doesn"t write. \- crypto/tls: TLSv1.3 connection fails with invalid PSK binder. \- cmd/compile: incorrect inline function variable. Non-security fixes: * Various packaging fixes * Reduced install size .