diff options
author | Richard Purdie <richard.purdie@linuxfoundation.org> | 2021-09-06 15:11:51 +0100 |
---|---|---|
committer | Steve Sakoman <steve@sakoman.com> | 2021-09-10 05:49:28 -1000 |
commit | 9dfc6abbb83f8792fbfa1acb9c0fe4ab23872d8f (patch) | |
tree | ef0344a6978b39fecfc9030632cd9ccf684879dd | |
parent | b939b005b06be58a276d565f755ee2d8f3e5dfc1 (diff) | |
download | openembedded-core-contrib-9dfc6abbb83f8792fbfa1acb9c0fe4ab23872d8f.tar.gz |
go: Exclude CVE-2021-29923 from report list
Upstream don't believe it is a signifiant real world issue and will only
fix in 1.17 onwards. Therefore exclude it from our reports.
https://github.com/golang/go/issues/30999#issuecomment-910470358
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 5bd5faf0c34b47b2443975d66b71482d2380a01a)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
-rw-r--r-- | meta/recipes-devtools/go/go-1.14.inc | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/meta/recipes-devtools/go/go-1.14.inc b/meta/recipes-devtools/go/go-1.14.inc index 3dfd671d11..50136ca841 100644 --- a/meta/recipes-devtools/go/go-1.14.inc +++ b/meta/recipes-devtools/go/go-1.14.inc @@ -19,3 +19,9 @@ SRC_URI += "\ " SRC_URI_append_libc-musl = " file://0009-ld-replace-glibc-dynamic-linker-with-musl.patch" SRC_URI[main.sha256sum] = "7ed13b2209e54a451835997f78035530b331c5b6943cdcd68a3d815fdc009149" + +# Upstream don't believe it is a signifiant real world issue and will only +# fix in 1.17 onwards where we can drop this. +# https://github.com/golang/go/issues/30999#issuecomment-910470358 +CVE_CHECK_WHITELIST += "CVE-2021-29923" + |