go: ignore CVE-2024-24790

CVE-2024-24790: net/netip module was introduced in go1.18beta1 via a59e33224e42d60a97fa720a45e1b74eb6aaa3d0 (From OE-Core rev: e304b139a8c43a88604ceb93aa933057b1e1748c) Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
author: Hitendra Prajapati <hprajapati@mvista.com> 2025-09-11 17:41:03 +0530
committer: Steve Sakoman <steve@sakoman.com> 2025-09-19 07:03:31 -0700
commit: d3568e56a74c93bc356c0180879ad2928bfb98b6 (patch)
tree: 1dcd676add66e2629350529c6e4b5e90af79116d
parent: ad403d6f6fe24a37a7d62c29d9df79adaeed7e53 (diff)
download: poky-d3568e56a74c93bc356c0180879ad2928bfb98b6.tar.gz
1 files changed, 2 insertions, 1 deletions
diff --git a/meta/recipes-devtools/go/go-1.17.13.inc b/meta/recipes-devtools/go/go-1.17.13.inc
index 36356349d2..b17853035b 100644
--- a/meta/recipes-devtools/go/go-1.17.13.inc
+++ b/meta/recipes-devtools/go/go-1.17.13.inc
@@ -70,7 +70,8 @@ SRC_URI[main.sha256sum] = "a1a48b23afb206f95e7bbaa9b898d965f90826f6f1d1fc0c1d784
 # Upstream don't believe it is a signifiant real world issue and will only
 # fix in 1.17 onwards where we can drop this.
 # https://github.com/golang/go/issues/30999#issuecomment-910470358
-CVE_CHECK_IGNORE += "CVE-2021-29923"
+# CVE-2024-24790:  net/netip module was introduced in go1.18beta1 via a59e33224e42d60a97fa720a45e1b74eb6aaa3d0
+CVE_CHECK_IGNORE += "CVE-2021-29923 CVE-2024-24790"
 # This are specific to Microsoft Windows
 CVE_CHECK_IGNORE += "CVE-2022-41716 CVE-2023-45283 CVE-2023-45284 CVE-2025-0913"
author	Hitendra Prajapati <hprajapati@mvista.com>	2025-09-11 17:41:03 +0530
committer	Steve Sakoman <steve@sakoman.com>	2025-09-19 07:03:31 -0700
commit	d3568e56a74c93bc356c0180879ad2928bfb98b6 (patch)
tree	1dcd676add66e2629350529c6e4b5e90af79116d
parent	ad403d6f6fe24a37a7d62c29d9df79adaeed7e53 (diff)
download	poky-d3568e56a74c93bc356c0180879ad2928bfb98b6.tar.gz

diff --git a/meta/recipes-devtools/go/go-1.17.13.inc b/meta/recipes-devtools/go/go-1.17.13.inc index 36356349d2..b17853035b 100644 --- a/meta/recipes-devtools/go/go-1.17.13.inc +++ b/meta/recipes-devtools/go/go-1.17.13.inc
@@ -70,7 +70,8 @@ SRC_URI[main.sha256sum] = "a1a48b23afb206f95e7bbaa9b898d965f90826f6f1d1fc0c1d784
70	# Upstream don't believe it is a signifiant real world issue and will only	70	# Upstream don't believe it is a signifiant real world issue and will only
71	# fix in 1.17 onwards where we can drop this.	71	# fix in 1.17 onwards where we can drop this.
72	# https://github.com/golang/go/issues/30999#issuecomment-910470358	72	# https://github.com/golang/go/issues/30999#issuecomment-910470358
73	CVE_CHECK_IGNORE += "CVE-2021-29923"	73	# CVE-2024-24790: net/netip module was introduced in go1.18beta1 via a59e33224e42d60a97fa720a45e1b74eb6aaa3d0
		74	CVE_CHECK_IGNORE += "CVE-2021-29923 CVE-2024-24790"
74		75
75	# This are specific to Microsoft Windows	76	# This are specific to Microsoft Windows
76	CVE_CHECK_IGNORE += "CVE-2022-41716 CVE-2023-45283 CVE-2023-45284 CVE-2025-0913"	77	CVE_CHECK_IGNORE += "CVE-2022-41716 CVE-2023-45283 CVE-2023-45284 CVE-2025-0913"