diff options
author | Ralph Siemsen <ralph.siemsen@linaro.org> | 2022-11-17 11:54:52 -0500 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2022-11-23 00:26:19 +0000 |
commit | bca720eca95929752436b56aa01e7fddfa1c834f (patch) | |
tree | 0f31e497e58654b5f9baa02399e375b46d8aef8b | |
parent | aab2a343be4b0b21dcaf22a7fbf77007d48c08d6 (diff) | |
download | openembedded-core-contrib-bca720eca95929752436b56aa01e7fddfa1c834f.tar.gz |
golang: ignore CVE-2022-29804
The issue only affects Windows per the golang announcement [1]:
On Windows, the filepath.Clean function could convert an invalid path to
a valid, absolute path. For example, Clean(`.\c:`) returned `c:`.
[1] https://groups.google.com/g/golang-announce/c/TzIC9-t8Ytg
Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
-rw-r--r-- | meta/recipes-devtools/go/go-1.14.inc | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-devtools/go/go-1.14.inc b/meta/recipes-devtools/go/go-1.14.inc index 6e596f4141..a0278b9816 100644 --- a/meta/recipes-devtools/go/go-1.14.inc +++ b/meta/recipes-devtools/go/go-1.14.inc @@ -64,4 +64,5 @@ CVE_CHECK_WHITELIST += "CVE-2021-29923" CVE_CHECK_WHITELIST += "CVE-2022-29526" # Issue only on windows +CVE_CHECK_WHITELIST += "CVE-2022-29804" CVE_CHECK_WHITELIST += "CVE-2022-30634" |