diff options
| author | Peter Marko <peter.marko@siemens.com> | 2025-08-10 10:18:46 +0200 |
|---|---|---|
| committer | Steve Sakoman <steve@sakoman.com> | 2025-08-20 07:37:19 -0700 |
| commit | 2cc9a0249b7a5dfd70c359220840ece08b6eb495 (patch) | |
| tree | 309d69549919404a77bc59e9d2f39cf8f35aa543 | |
| parent | 6d83b872af7421e1e4f18c999f356855116dc238 (diff) | |
| download | poky-2cc9a0249b7a5dfd70c359220840ece08b6eb495.tar.gz | |
go: ignore CVE-2025-0913
This is problem on Windows platform only.
Per NVD report [1], CPE has "and" clause
Running on/with
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
Also linked patch [2] changes Windows files only (and tests).
[1] https://nvd.nist.gov/vuln/detail/CVE-2025-0913
[2] https://go-review.googlesource.com/c/go/+/672396
(From OE-Core rev: ec1c6ab989b298773e8df8a6a4532f88b93617ff)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
| -rw-r--r-- | meta/recipes-devtools/go/go-1.22.12.inc | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/meta/recipes-devtools/go/go-1.22.12.inc b/meta/recipes-devtools/go/go-1.22.12.inc index af09cb52cd..ea57b23c3e 100644 --- a/meta/recipes-devtools/go/go-1.22.12.inc +++ b/meta/recipes-devtools/go/go-1.22.12.inc | |||
| @@ -19,3 +19,5 @@ SRC_URI += "\ | |||
| 19 | file://CVE-2025-4673.patch \ | 19 | file://CVE-2025-4673.patch \ |
| 20 | " | 20 | " |
| 21 | SRC_URI[main.sha256sum] = "012a7e1f37f362c0918c1dfa3334458ac2da1628c4b9cf4d9ca02db986e17d71" | 21 | SRC_URI[main.sha256sum] = "012a7e1f37f362c0918c1dfa3334458ac2da1628c4b9cf4d9ca02db986e17d71" |
| 22 | |||
| 23 | CVE_STATUS[CVE-2025-0913] = "not-applicable-platform: Issue only applies on Windows" | ||