Skip to content
This repository has been archived by the owner on Feb 9, 2022. It is now read-only.

Commit

Permalink
go: Exclude CVE-2021-29923 from report list
Browse files Browse the repository at this point in the history 
Upstream don't believe it is a signifiant real world issue and will only
fix in 1.17 onwards. Therefore exclude it from our reports.

golang/go#30999 (comment)

(From OE-Core rev: 9dfc6abbb83f8792fbfa1acb9c0fe4ab23872d8f)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 5bd5faf0c34b47b2443975d66b71482d2380a01a)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
  • Loading branch information
@rpurdie
rpurdie committed Sep 14, 2021
1 parent 6aa55dd commit 7f73831
Showing 1 changed file with 6 additions and 0 deletions.
6 changes: 6 additions & 0 deletions meta/recipes-devtools/go/go-1.14.inc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,3 +19,9 @@ SRC_URI += "\
"
SRC_URI_append_libc-musl = " file://0009-ld-replace-glibc-dynamic-linker-with-musl.patch"
SRC_URI[main.sha256sum] = "7ed13b2209e54a451835997f78035530b331c5b6943cdcd68a3d815fdc009149"

# Upstream don't believe it is a signifiant real world issue and will only
# fix in 1.17 onwards where we can drop this.
# https://github.com/golang/go/issues/30999#issuecomment-910470358
CVE_CHECK_WHITELIST += "CVE-2021-29923"

0 comments on commit 7f73831

Please sign in to comment.