go: fix CVE-2025-47907 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Praveen Kumar <praveen.kumar@windriver.com>	2025-08-26 09:27:43 +0530
committer	Steve Sakoman <steve@sakoman.com>	2025-09-01 08:30:56 -0700
commit	766dfe511580a9e69f9ddca465b859404abdb060 (patch)
tree	b145bd8d4ec1ff5b0e97b59bfd318e92686232b8 /scripts/lib/scriptutils.py
parent	f584b357c3b4bd8cc48668caece670c1b929c8ce (diff)
download	poky-766dfe511580a9e69f9ddca465b859404abdb060.tar.gz

go: fix CVE-2025-47907

Cancelling a query (e.g. by cancelling the context passed to one of the query methods) during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the expected results with those of another query, causing the call to Scan to return either unexpected results from the other query or an error. Reference: https://nvd.nist.gov/vuln/detail/CVE-2025-47907 Upstream-patch: https://github.com/golang/go/commit/8a924caaf348fdc366bab906424616b2974ad4e9 (From OE-Core rev: 22d8ac9884208b8f9b2a69ec6a257c62e1f2f8d2) Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>

Diffstat (limited to 'scripts/lib/scriptutils.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: