From: Ralph Siemsen <ralph.siemsen@linaro.org>
To: openembedded-core@lists.openembedded.org
Cc: Ralph Siemsen <ralph.siemsen@linaro.org>
Subject: [dunfell][PATCH 11/11] golang: ignore CVE-2022-30630
Date: Thu, 17 Nov 2022 11:54:56 -0500 [thread overview]
Message-ID: <20221117165456.1029099-11-ralph.siemsen@linaro.org> (raw)
In-Reply-To: <20221117165456.1029099-1-ralph.siemsen@linaro.org>
The CVE is in the io/fs package, which first appeared in go1.16.
Since dunfell is using go1.14, this issue does not apply.
CVE was fixed in fa2d41d0ca736f3ad6b200b2a4e134364e9acc59
Original code in b64202bc29b9c1cf0118878d1c0acc9cdb2308f6
Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org>
---
meta/recipes-devtools/go/go-1.14.inc | 3 +++
1 file changed, 3 insertions(+)
diff --git a/meta/recipes-devtools/go/go-1.14.inc b/meta/recipes-devtools/go/go-1.14.inc
index 4c10104aca..2cd3c9311a 100644
--- a/meta/recipes-devtools/go/go-1.14.inc
+++ b/meta/recipes-devtools/go/go-1.14.inc
@@ -72,3 +72,6 @@ CVE_CHECK_WHITELIST += "CVE-2021-33194"
# Issue introduced in go1.16, does not exist in 1.14
CVE_CHECK_WHITELIST += "CVE-2021-41772"
+
+# Fixes code that was added in go1.16, does not exist in 1.14
+CVE_CHECK_WHITELIST += "CVE-2022-30630"
--
2.25.1
prev parent reply other threads:[~2022-11-17 16:55 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-11-17 16:54 [dunfell][PATCH 01/11] golang: fix CVE-2021-33195 Ralph Siemsen
2022-11-17 16:54 ` [dunfell][PATCH 02/11] golang: fix CVE-2021-33198 Ralph Siemsen
2022-11-17 16:54 ` [dunfell][PATCH 03/11] golang: fix CVE-2021-44716 Ralph Siemsen
2022-11-17 16:54 ` [dunfell][PATCH 04/11] golang: fix CVE-2022-24291 Ralph Siemsen
2022-11-17 16:54 ` [dunfell][PATCH 05/11] golang: fix CVE-2022-28131 Ralph Siemsen
2022-11-17 16:54 ` [dunfell][PATCH 06/11] golang: fix CVE-2022-28327 Ralph Siemsen
2022-11-17 16:54 ` [dunfell][PATCH 07/11] golang: ignore CVE-2022-29804 Ralph Siemsen
2022-11-17 16:54 ` [dunfell][PATCH 08/11] golang: ignore CVE-2021-33194 Ralph Siemsen
2022-11-17 16:54 ` [dunfell][PATCH 09/11] golang: ignore CVE-2021-41772 Ralph Siemsen
2022-11-17 16:54 ` [dunfell][PATCH 10/11] golang: ignore CVE-2022-30580 Ralph Siemsen
2022-11-17 16:54 ` Ralph Siemsen [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20221117165456.1029099-11-ralph.siemsen@linaro.org \
--to=ralph.siemsen@linaro.org \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.