]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core.git/commitdiff
projects / thirdparty / openembedded / openembedded-core.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 7880eb8)
go: ignore CVE-2022-41716
authorPeter Marko <peter.marko@siemens.com>
Wed, 19 Apr 2023 21:54:08 +0000 (23:54 +0200)
committerSteve Sakoman <steve@sakoman.com>
Wed, 19 Apr 2023 22:13:56 +0000 (12:13 -1000)
This CVE is specific to Microsoft Windows, ignore it.

Patch fixing it (https://go-review.googlesource.com/c/go/+/446916)
also adds a redundant check to generic os/exec which
could be backported but it should not be necessary as
backport always takes a small risk to break old code.

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
meta/recipes-devtools/go/go-1.14.inc patch | blob | blame | history

diff --git a/meta/recipes-devtools/go/go-1.14.inc b/meta/recipes-devtools/go/go-1.14.inc
index 74017f4d905eafb80dbc715f141933af1036f9dd..8df9d62612d14f0ac01bac5d66c0011e279de218 100644 (file)
--- a/meta/recipes-devtools/go/go-1.14.inc
+++ b/meta/recipes-devtools/go/go-1.14.inc
@@ -82,3 +82,6 @@ CVE_CHECK_WHITELIST += "CVE-2021-41772"
 
 # Fixes code that was added in go1.16, does not exist in 1.14
 CVE_CHECK_WHITELIST += "CVE-2022-30630"
+
+# This is specific to Microsoft Windows
+CVE_CHECK_WHITELIST += "CVE-2022-41716"
Mirror of git://git.openembedded.org/openembedded-core