diff options
Diffstat (limited to 'meta/recipes-devtools/go/go-1.14.inc')
-rw-r--r-- | meta/recipes-devtools/go/go-1.14.inc | 106 |
1 files changed, 106 insertions, 0 deletions
diff --git a/meta/recipes-devtools/go/go-1.14.inc b/meta/recipes-devtools/go/go-1.14.inc index 3dfd671d11..9c7ceda891 100644 --- a/meta/recipes-devtools/go/go-1.14.inc +++ b/meta/recipes-devtools/go/go-1.14.inc | |||
@@ -16,6 +16,112 @@ SRC_URI += "\ | |||
16 | file://0006-cmd-dist-separate-host-and-target-builds.patch \ | 16 | file://0006-cmd-dist-separate-host-and-target-builds.patch \ |
17 | file://0007-cmd-go-make-GOROOT-precious-by-default.patch \ | 17 | file://0007-cmd-go-make-GOROOT-precious-by-default.patch \ |
18 | file://0008-use-GOBUILDMODE-to-set-buildmode.patch \ | 18 | file://0008-use-GOBUILDMODE-to-set-buildmode.patch \ |
19 | file://CVE-2021-34558.patch \ | ||
20 | file://CVE-2021-33196.patch \ | ||
21 | file://CVE-2021-33197.patch \ | ||
22 | file://CVE-2021-38297.patch \ | ||
23 | file://CVE-2022-23806.patch \ | ||
24 | file://CVE-2022-23772.patch \ | ||
25 | file://CVE-2021-44717.patch \ | ||
26 | file://CVE-2022-24675.patch \ | ||
27 | file://CVE-2021-31525.patch \ | ||
28 | file://CVE-2022-30629.patch \ | ||
29 | file://CVE-2022-30631.patch \ | ||
30 | file://CVE-2022-30632.patch \ | ||
31 | file://CVE-2022-30633.patch \ | ||
32 | file://CVE-2022-30635.patch \ | ||
33 | file://CVE-2022-32148.patch \ | ||
34 | file://CVE-2022-32189.patch \ | ||
35 | file://CVE-2021-27918.patch \ | ||
36 | file://CVE-2021-36221.patch \ | ||
37 | file://CVE-2021-39293.patch \ | ||
38 | file://CVE-2021-41771.patch \ | ||
39 | file://CVE-2022-27664.patch \ | ||
40 | file://0001-CVE-2022-32190.patch \ | ||
41 | file://0002-CVE-2022-32190.patch \ | ||
42 | file://0003-CVE-2022-32190.patch \ | ||
43 | file://0004-CVE-2022-32190.patch \ | ||
44 | file://CVE-2022-2880.patch \ | ||
45 | file://CVE-2022-2879.patch \ | ||
46 | file://CVE-2021-33195.patch \ | ||
47 | file://CVE-2021-33198.patch \ | ||
48 | file://CVE-2021-44716.patch \ | ||
49 | file://CVE-2022-24921.patch \ | ||
50 | file://CVE-2022-28131.patch \ | ||
51 | file://CVE-2022-28327.patch \ | ||
52 | file://CVE-2022-41715.patch \ | ||
53 | file://CVE-2022-41717.patch \ | ||
54 | file://CVE-2022-1962.patch \ | ||
55 | file://CVE-2022-41723.patch \ | ||
56 | file://CVE-2022-41722-1.patch \ | ||
57 | file://CVE-2022-41722-2.patch \ | ||
58 | file://CVE-2020-29510.patch \ | ||
59 | file://CVE-2023-24537.patch \ | ||
60 | file://CVE-2023-24534.patch \ | ||
61 | file://CVE-2023-24538-1.patch \ | ||
62 | file://CVE-2023-24538-2.patch \ | ||
63 | file://CVE-2023-24538_3.patch \ | ||
64 | file://CVE-2023-24538_4.patch \ | ||
65 | file://CVE-2023-24538_5.patch \ | ||
66 | file://CVE-2023-24538_6.patch \ | ||
67 | file://CVE-2023-24539.patch \ | ||
68 | file://CVE-2023-24540.patch \ | ||
69 | file://CVE-2023-29405-1.patch \ | ||
70 | file://CVE-2023-29405-2.patch \ | ||
71 | file://CVE-2023-29402.patch \ | ||
72 | file://CVE-2023-29404.patch \ | ||
73 | file://CVE-2023-29400.patch \ | ||
74 | file://CVE-2023-29406-1.patch \ | ||
75 | file://CVE-2023-29406-2.patch \ | ||
76 | file://CVE-2023-29409.patch \ | ||
77 | file://CVE-2022-41725-pre1.patch \ | ||
78 | file://CVE-2022-41725-pre2.patch \ | ||
79 | file://CVE-2022-41725-pre3.patch \ | ||
80 | file://CVE-2022-41725.patch \ | ||
81 | file://CVE-2023-24536_1.patch \ | ||
82 | file://CVE-2023-24536_2.patch \ | ||
83 | file://CVE-2023-24536_3.patch \ | ||
84 | file://CVE-2023-39318.patch \ | ||
85 | file://CVE-2023-39319.patch \ | ||
86 | file://CVE-2023-39326.patch \ | ||
87 | file://CVE-2023-45287-pre1.patch \ | ||
88 | file://CVE-2023-45287-pre2.patch \ | ||
89 | file://CVE-2023-45287-pre3.patch \ | ||
90 | file://CVE-2023-45287.patch \ | ||
91 | file://CVE-2023-45289.patch \ | ||
92 | file://CVE-2023-45290.patch \ | ||
93 | file://CVE-2024-24785.patch \ | ||
94 | file://CVE-2024-24784.patch \ | ||
19 | " | 95 | " |
96 | |||
20 | SRC_URI_append_libc-musl = " file://0009-ld-replace-glibc-dynamic-linker-with-musl.patch" | 97 | SRC_URI_append_libc-musl = " file://0009-ld-replace-glibc-dynamic-linker-with-musl.patch" |
21 | SRC_URI[main.sha256sum] = "7ed13b2209e54a451835997f78035530b331c5b6943cdcd68a3d815fdc009149" | 98 | SRC_URI[main.sha256sum] = "7ed13b2209e54a451835997f78035530b331c5b6943cdcd68a3d815fdc009149" |
99 | |||
100 | # Upstream don't believe it is a signifiant real world issue and will only | ||
101 | # fix in 1.17 onwards where we can drop this. | ||
102 | # https://github.com/golang/go/issues/30999#issuecomment-910470358 | ||
103 | CVE_CHECK_WHITELIST += "CVE-2021-29923" | ||
104 | |||
105 | # this issue affected go1.15 onwards | ||
106 | # https://security-tracker.debian.org/tracker/CVE-2022-29526 | ||
107 | CVE_CHECK_WHITELIST += "CVE-2022-29526" | ||
108 | |||
109 | # Issue only on windows | ||
110 | CVE_CHECK_WHITELIST += "CVE-2022-29804" | ||
111 | CVE_CHECK_WHITELIST += "CVE-2022-30580" | ||
112 | CVE_CHECK_WHITELIST += "CVE-2022-30634" | ||
113 | |||
114 | # Issue is in golang.org/x/net/html/parse.go, not used in go compiler | ||
115 | CVE_CHECK_WHITELIST += "CVE-2021-33194" | ||
116 | |||
117 | # Issue introduced in go1.16, does not exist in 1.14 | ||
118 | CVE_CHECK_WHITELIST += "CVE-2021-41772" | ||
119 | |||
120 | # Fixes code that was added in go1.16, does not exist in 1.14 | ||
121 | CVE_CHECK_WHITELIST += "CVE-2022-30630" | ||
122 | |||
123 | # This is specific to Microsoft Windows | ||
124 | CVE_CHECK_WHITELIST += "CVE-2022-41716" | ||
125 | |||
126 | # Issue introduced in go1.15beta1, does not exist in 1.14 | ||
127 | CVE_CHECK_WHITELIST += "CVE-2022-1705" | ||