go: Exclude CVE-2021-29923 from report list

Upstream don't believe it is a signifiant real world issue and will only fix in 1.17 onwards. Therefore exclude it from our reports. https://github.com/golang/go/issues/30999#issuecomment-910470358 Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Richard Purdie <richard.purdie@linuxfoundation.org> 2021-09-06 15:11:51 +0100
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2021-09-06 15:27:43 +0100
commit: 5bd5faf0c34b47b2443975d66b71482d2380a01a (patch)
tree: f683198f88caf884afc4fd79bd450fc7fc17678b
parent: 0cae5d7a24bedf6784781b62cbb3795a44bab4d1 (diff)
download: openembedded-core-contrib-5bd5faf0c34b47b2443975d66b71482d2380a01a.tar.gz
1 files changed, 5 insertions, 0 deletions
diff --git a/meta/recipes-devtools/go/go-1.16.7.inc b/meta/recipes-devtools/go/go-1.16.7.inc
index bc1cd94449..02a9268779 100644
--- a/meta/recipes-devtools/go/go-1.16.7.inc
+++ b/meta/recipes-devtools/go/go-1.16.7.inc
@@ -18,3 +18,8 @@ SRC_URI += "\
     file://0009-Revert-cmd-go-make-sure-CC-and-CXX-are-absolute.patch \
 "
 SRC_URI[main.sha256sum] = "1a9f2894d3d878729f7045072f30becebe243524cf2fce4e0a7b248b1e0654ac"
+
+# Upstream don't believe it is a signifiant real world issue and will only
+# fix in 1.17 onwards where we can drop this.
+# https://github.com/golang/go/issues/30999#issuecomment-910470358
+CVE_CHECK_WHITELIST += "CVE-2021-29923"
author	Richard Purdie <richard.purdie@linuxfoundation.org>	2021-09-06 15:11:51 +0100
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2021-09-06 15:27:43 +0100
commit	5bd5faf0c34b47b2443975d66b71482d2380a01a (patch)
tree	f683198f88caf884afc4fd79bd450fc7fc17678b
parent	0cae5d7a24bedf6784781b62cbb3795a44bab4d1 (diff)
download	openembedded-core-contrib-5bd5faf0c34b47b2443975d66b71482d2380a01a.tar.gz