I don't see the patch on this list or in patchworks. Could you please resend?
Thanks, Steve On Sat, Apr 22, 2023 at 6:12 AM Shubham Kulkarni <skulka...@mvista.com> wrote: > > Hi Steve, > > Is there any issue with this patch? It's not included in the patch review > list email. > > Thanks, > Shubham > > On Fri, 21 Apr, 2023, 4:54 pm Shubham Kulkarni, <skulka...@mvista.com> wrote: >> >> From: Shubham Kulkarni <skulka...@mvista.com> >> >> The vulnerability was introduced in go1.15beta1 with commit d5734d4. >> Dunfell uses go1.14 version which does not contain the affected code. >> >> Ref: https://security-tracker.debian.org/tracker/CVE-2022-1705 >> >> Signed-off-by: Shubham Kulkarni <skulka...@mvista.com> >> --- >> meta/recipes-devtools/go/go-1.14.inc | 3 +++ >> 1 file changed, 3 insertions(+) >> >> diff --git a/meta/recipes-devtools/go/go-1.14.inc >> b/meta/recipes-devtools/go/go-1.14.inc >> index 8df9d62612..961e233fe6 100644 >> --- a/meta/recipes-devtools/go/go-1.14.inc >> +++ b/meta/recipes-devtools/go/go-1.14.inc >> @@ -85,3 +85,6 @@ CVE_CHECK_WHITELIST += "CVE-2022-30630" >> >> # This is specific to Microsoft Windows >> CVE_CHECK_WHITELIST += "CVE-2022-41716" >> + >> +# Issue introduced in go1.15beta1, does not exist in 1.14 >> +CVE_CHECK_WHITELIST += "CVE-2022-1705" >> -- >> 2.40.0 >>
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#180325): https://lists.openembedded.org/g/openembedded-core/message/180325 Mute This Topic: https://lists.openembedded.org/mt/98436310/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
