]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core.git/commit
projects / thirdparty / openembedded / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 2c4fb77) | patch
golang: CVE-2022-32189 a denial of service
authorHitendra Prajapati <hprajapati@mvista.com>
Mon, 29 Aug 2022 05:35:47 +0000 (11:05 +0530)
committerSteve Sakoman <steve@sakoman.com>
Mon, 29 Aug 2022 15:01:17 +0000 (05:01 -1000)
commit9b3420c9a91059eb55754078bb1e733972e94489
treeb4c98b1318d4c50d5bd04e02d1c11308b5a492ddtree
parent2c4fb77f417464d9cd40f0ebd8cc52e6e6ca689ecommit | diff
golang: CVE-2022-32189 a denial of service

Source: https://github.com/golang/go
MR: 120634
Type: Security Fix
Disposition: Backport from https://github.com/golang/go/commit/703c8ab7e5ba75c95553d4e249309297abad7102
ChangeID: 3ade323dd52a6b654358f6738a0b3411ccc6d3f8
Description:
CVE-2022-32189 golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service.

Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
meta/recipes-devtools/go/go-1.14.inc diff | blob | blame | history
meta/recipes-devtools/go/go-1.14/CVE-2022-32189.patch [new file with mode: 0644] blob
Mirror of git://git.openembedded.org/openembedded-core