diff options
author | Hitendra Prajapati <hprajapati@mvista.com> | 2022-06-24 17:42:53 +0530 |
---|---|---|
committer | Steve Sakoman <steve@sakoman.com> | 2022-06-24 07:16:22 -1000 |
commit | 2850ef58f2a39a5ab19b1062d1b50160fec4daa8 (patch) | |
tree | 992e2127dd776f0278a0ea4efc76726077418262 /meta/recipes-devtools/go/go-1.14.inc | |
parent | 6625e24a6143765ce2e4e08d25e3fe021bc2cdf6 (diff) | |
download | openembedded-core-contrib-2850ef58f2a39a5ab19b1062d1b50160fec4daa8.tar.gz |
golang: CVE-2021-31525 net/http: panic in ReadRequest and ReadResponse when reading a very large header
Source: https://github.com/argoheyard/lang-net
MR: 114874
Type: Security Fix
Disposition: Backport from https://github.com/argoheyard/lang-net/commit/701957006ef151feb43f86aa99c8a1f474f69282
ChangeID: bd3c4f9f44dd1c45e810172087004778522d28eb
Description:
CVE-2021-31525 golang: net/http: panic in ReadRequest and ReadResponse when reading a very large header.
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Diffstat (limited to 'meta/recipes-devtools/go/go-1.14.inc')
-rw-r--r-- | meta/recipes-devtools/go/go-1.14.inc | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-devtools/go/go-1.14.inc b/meta/recipes-devtools/go/go-1.14.inc index 773d252bd1..b160222f76 100644 --- a/meta/recipes-devtools/go/go-1.14.inc +++ b/meta/recipes-devtools/go/go-1.14.inc @@ -24,6 +24,7 @@ SRC_URI += "\ file://CVE-2022-23772.patch \ file://CVE-2021-44717.patch \ file://CVE-2022-24675.patch \ + file://CVE-2021-31525.patch \ " SRC_URI_append_libc-musl = " file://0009-ld-replace-glibc-dynamic-linker-with-musl.patch" |