1 files changed, 64 insertions, 61 deletions
diff --git a/meta/recipes-devtools/go/go-1.17.13.inc b/meta/recipes-devtools/go/go-1.17.13.inc
index b17853035b..2052f4adbc 100644
--- a/meta/recipes-devtools/go/go-1.17.13.inc
+++ b/meta/recipes-devtools/go/go-1.17.13.inc
@@ -4,67 +4,70 @@ FILESEXTRAPATHS:prepend := "${FILE_DIRNAME}/go-1.21:${FILE_DIRNAME}/go-1.20:${FI
 LIC_FILES_CHKSUM = "file://LICENSE;md5=5d4950ecb7b26d2c5e4e7b4e0dd74707"
-SRC_URI += "\
+SRC_URI = "https://golang.org/dl/go${PV}.src.tar.gz;name=main \
-    file://0001-allow-CC-and-CXX-to-have-multiple-words.patch \
+           file://0001-allow-CC-and-CXX-to-have-multiple-words.patch \
-    file://0002-cmd-go-make-content-based-hash-generation-less-pedan.patch \
+           file://0002-cmd-go-make-content-based-hash-generation-less-pedan.patch \
-    file://0003-allow-GOTOOLDIR-to-be-overridden-in-the-environment.patch \
+           file://0003-allow-GOTOOLDIR-to-be-overridden-in-the-environment.patch \
-    file://0004-ld-add-soname-to-shareable-objects.patch \
+           file://0004-ld-add-soname-to-shareable-objects.patch \
-    file://0005-make.bash-override-CC-when-building-dist-and-go_boot.patch \
+           file://0005-make.bash-override-CC-when-building-dist-and-go_boot.patch \
-    file://0006-cmd-dist-separate-host-and-target-builds.patch \
+           file://0006-cmd-dist-separate-host-and-target-builds.patch \
-    file://0007-cmd-go-make-GOROOT-precious-by-default.patch \
+           file://0007-cmd-go-make-GOROOT-precious-by-default.patch \
-    file://0008-use-GOBUILDMODE-to-set-buildmode.patch \
+           file://0008-use-GOBUILDMODE-to-set-buildmode.patch \
-    file://0009-Revert-cmd-go-make-sure-CC-and-CXX-are-absolute.patch \
+           file://0009-Revert-cmd-go-make-sure-CC-and-CXX-are-absolute.patch \
-    file://0001-exec.go-do-not-write-linker-flags-into-buildids.patch \
+           file://0001-exec.go-do-not-write-linker-flags-into-buildids.patch \
-    file://0001-src-cmd-dist-buildgo.go-do-not-hardcode-host-compile.patch \
+           file://0001-src-cmd-dist-buildgo.go-do-not-hardcode-host-compile.patch \
-    file://0010-net-Fix-issue-with-DNS-not-being-updated.patch  \
+           file://0010-net-Fix-issue-with-DNS-not-being-updated.patch \
-    file://CVE-2022-27664.patch \
+           file://CVE-2022-27664.patch \
-    file://0001-net-http-httputil-avoid-query-parameter-smuggling.patch \
+           file://0001-net-http-httputil-avoid-query-parameter-smuggling.patch \
-    file://CVE-2022-41715.patch \
+           file://CVE-2022-41715.patch \
-    file://CVE-2022-41717.patch \
+           file://CVE-2022-41717.patch \
-    file://CVE-2022-2879.patch \
+           file://CVE-2022-2879.patch \
-    file://CVE-2022-41720.patch \
+           file://CVE-2022-41720.patch \
-    file://CVE-2022-41723.patch \
+           file://CVE-2022-41723.patch \
-    file://cve-2022-41724.patch \
+           file://cve-2022-41724.patch \
-    file://add_godebug.patch \
+           file://add_godebug.patch \
-    file://cve-2022-41725.patch \
+           file://cve-2022-41725.patch \
-    file://CVE-2022-41722.patch \
+           file://CVE-2022-41722.patch \
-    file://CVE-2023-24537.patch \
+           file://CVE-2023-24537.patch \
-    file://CVE-2023-24534.patch \
+           file://CVE-2023-24534.patch \
-    file://CVE-2023-24538_1.patch \
+           file://CVE-2023-24538_1.patch \
-    file://CVE-2023-24538_2.patch \
+           file://CVE-2023-24538_2.patch \
-    file://CVE-2023-24540.patch \
+           file://CVE-2023-24540.patch \
-    file://CVE-2023-24539.patch \
+           file://CVE-2023-24539.patch \
-    file://CVE-2023-29404.patch \
+           file://CVE-2023-29404.patch \
-    file://CVE-2023-29405.patch \
+           file://CVE-2023-29405.patch \
-    file://CVE-2023-29402.patch \
+           file://CVE-2023-29402.patch \
-    file://CVE-2023-29400.patch \
+           file://CVE-2023-29400.patch \
-    file://CVE-2023-29406-1.patch \
+           file://CVE-2023-29406-1.patch \
-    file://CVE-2023-29406-2.patch \
+           file://CVE-2023-29406-2.patch \
-    file://CVE-2023-24536_1.patch \
+           file://CVE-2023-24536_1.patch \
-    file://CVE-2023-24536_2.patch \
+           file://CVE-2023-24536_2.patch \
-    file://CVE-2023-24536_3.patch \
+           file://CVE-2023-24536_3.patch \
-    file://CVE-2023-24531_1.patch \
+           file://CVE-2023-24531_1.patch \
-    file://CVE-2023-24531_2.patch \
+           file://CVE-2023-24531_2.patch \
-    file://CVE-2023-29409.patch \
+           file://CVE-2023-29409.patch \
-    file://CVE-2023-39319.patch \
+           file://CVE-2023-39319.patch \
-    file://CVE-2023-39318.patch \
+           file://CVE-2023-39318.patch \
-    file://CVE-2023-39326.patch \
+           file://CVE-2023-39326.patch \
-    file://CVE-2023-45285.patch \
+           file://CVE-2023-45285.patch \
-    file://CVE-2023-45287.patch \
+           file://CVE-2023-45287.patch \
-    file://CVE-2023-45289.patch \
+           file://CVE-2023-45289.patch \
-    file://CVE-2023-45290.patch \
+           file://CVE-2023-45290.patch \
-    file://CVE-2024-24784.patch \
+           file://CVE-2024-24784.patch \
-    file://CVE-2024-24785.patch \
+           file://CVE-2024-24785.patch \
-    file://CVE-2023-45288.patch \
+           file://CVE-2023-45288.patch \
-    file://CVE-2024-24789.patch \
+           file://CVE-2024-24789.patch \
-    file://CVE-2024-24791.patch \
+           file://CVE-2024-24791.patch \
-    file://CVE-2024-34155.patch \
+           file://CVE-2024-34155.patch \
-    file://CVE-2024-34156.patch \
+           file://CVE-2024-34156.patch \
-    file://CVE-2024-34158.patch \
+           file://CVE-2024-34158.patch \
-    file://CVE-2024-45336.patch \
+           file://CVE-2024-45336.patch \
-    file://CVE-2025-22871.patch \
+           file://CVE-2025-22871.patch \
-    file://CVE-2025-4673.patch \
+           file://CVE-2025-4673.patch \
-"
+           file://CVE-2025-47907-pre-0001.patch \
+           file://CVE-2025-47907-pre-0002.patch \
+           file://CVE-2025-47907.patch \
+           "
 SRC_URI[main.sha256sum] = "a1a48b23afb206f95e7bbaa9b898d965f90826f6f1d1fc0c1d784ada0cd300fd"
 # Upstream don't believe it is a signifiant real world issue and will only

diff --git a/meta/recipes-devtools/go/go-1.17.13.inc b/meta/recipes-devtools/go/go-1.17.13.inc index b17853035b..2052f4adbc 100644 --- a/meta/recipes-devtools/go/go-1.17.13.inc +++ b/meta/recipes-devtools/go/go-1.17.13.inc
@@ -4,67 +4,70 @@ FILESEXTRAPATHS:prepend := "${FILE_DIRNAME}/go-1.21:${FILE_DIRNAME}/go-1.20:${FI
4		4
5	LIC_FILES_CHKSUM = "file://LICENSE;md5=5d4950ecb7b26d2c5e4e7b4e0dd74707"	5	LIC_FILES_CHKSUM = "file://LICENSE;md5=5d4950ecb7b26d2c5e4e7b4e0dd74707"
6		6
7	SRC_URI += "\	7	SRC_URI = "https://golang.org/dl/go${PV}.src.tar.gz;name=main \
8	file://0001-allow-CC-and-CXX-to-have-multiple-words.patch \	8	file://0001-allow-CC-and-CXX-to-have-multiple-words.patch \
9	file://0002-cmd-go-make-content-based-hash-generation-less-pedan.patch \	9	file://0002-cmd-go-make-content-based-hash-generation-less-pedan.patch \
10	file://0003-allow-GOTOOLDIR-to-be-overridden-in-the-environment.patch \	10	file://0003-allow-GOTOOLDIR-to-be-overridden-in-the-environment.patch \
11	file://0004-ld-add-soname-to-shareable-objects.patch \	11	file://0004-ld-add-soname-to-shareable-objects.patch \
12	file://0005-make.bash-override-CC-when-building-dist-and-go_boot.patch \	12	file://0005-make.bash-override-CC-when-building-dist-and-go_boot.patch \
13	file://0006-cmd-dist-separate-host-and-target-builds.patch \	13	file://0006-cmd-dist-separate-host-and-target-builds.patch \
14	file://0007-cmd-go-make-GOROOT-precious-by-default.patch \	14	file://0007-cmd-go-make-GOROOT-precious-by-default.patch \
15	file://0008-use-GOBUILDMODE-to-set-buildmode.patch \	15	file://0008-use-GOBUILDMODE-to-set-buildmode.patch \
16	file://0009-Revert-cmd-go-make-sure-CC-and-CXX-are-absolute.patch \	16	file://0009-Revert-cmd-go-make-sure-CC-and-CXX-are-absolute.patch \
17	file://0001-exec.go-do-not-write-linker-flags-into-buildids.patch \	17	file://0001-exec.go-do-not-write-linker-flags-into-buildids.patch \
18	file://0001-src-cmd-dist-buildgo.go-do-not-hardcode-host-compile.patch \	18	file://0001-src-cmd-dist-buildgo.go-do-not-hardcode-host-compile.patch \
19	file://0010-net-Fix-issue-with-DNS-not-being-updated.patch \	19	file://0010-net-Fix-issue-with-DNS-not-being-updated.patch \
20	file://CVE-2022-27664.patch \	20	file://CVE-2022-27664.patch \
21	file://0001-net-http-httputil-avoid-query-parameter-smuggling.patch \	21	file://0001-net-http-httputil-avoid-query-parameter-smuggling.patch \
22	file://CVE-2022-41715.patch \	22	file://CVE-2022-41715.patch \
23	file://CVE-2022-41717.patch \	23	file://CVE-2022-41717.patch \
24	file://CVE-2022-2879.patch \	24	file://CVE-2022-2879.patch \
25	file://CVE-2022-41720.patch \	25	file://CVE-2022-41720.patch \
26	file://CVE-2022-41723.patch \	26	file://CVE-2022-41723.patch \
27	file://cve-2022-41724.patch \	27	file://cve-2022-41724.patch \
28	file://add_godebug.patch \	28	file://add_godebug.patch \
29	file://cve-2022-41725.patch \	29	file://cve-2022-41725.patch \
30	file://CVE-2022-41722.patch \	30	file://CVE-2022-41722.patch \
31	file://CVE-2023-24537.patch \	31	file://CVE-2023-24537.patch \
32	file://CVE-2023-24534.patch \	32	file://CVE-2023-24534.patch \
33	file://CVE-2023-24538_1.patch \	33	file://CVE-2023-24538_1.patch \
34	file://CVE-2023-24538_2.patch \	34	file://CVE-2023-24538_2.patch \
35	file://CVE-2023-24540.patch \	35	file://CVE-2023-24540.patch \
36	file://CVE-2023-24539.patch \	36	file://CVE-2023-24539.patch \
37	file://CVE-2023-29404.patch \	37	file://CVE-2023-29404.patch \
38	file://CVE-2023-29405.patch \	38	file://CVE-2023-29405.patch \
39	file://CVE-2023-29402.patch \	39	file://CVE-2023-29402.patch \
40	file://CVE-2023-29400.patch \	40	file://CVE-2023-29400.patch \
41	file://CVE-2023-29406-1.patch \	41	file://CVE-2023-29406-1.patch \
42	file://CVE-2023-29406-2.patch \	42	file://CVE-2023-29406-2.patch \
43	file://CVE-2023-24536_1.patch \	43	file://CVE-2023-24536_1.patch \
44	file://CVE-2023-24536_2.patch \	44	file://CVE-2023-24536_2.patch \
45	file://CVE-2023-24536_3.patch \	45	file://CVE-2023-24536_3.patch \
46	file://CVE-2023-24531_1.patch \	46	file://CVE-2023-24531_1.patch \
47	file://CVE-2023-24531_2.patch \	47	file://CVE-2023-24531_2.patch \
48	file://CVE-2023-29409.patch \	48	file://CVE-2023-29409.patch \
49	file://CVE-2023-39319.patch \	49	file://CVE-2023-39319.patch \
50	file://CVE-2023-39318.patch \	50	file://CVE-2023-39318.patch \
51	file://CVE-2023-39326.patch \	51	file://CVE-2023-39326.patch \
52	file://CVE-2023-45285.patch \	52	file://CVE-2023-45285.patch \
53	file://CVE-2023-45287.patch \	53	file://CVE-2023-45287.patch \
54	file://CVE-2023-45289.patch \	54	file://CVE-2023-45289.patch \
55	file://CVE-2023-45290.patch \	55	file://CVE-2023-45290.patch \
56	file://CVE-2024-24784.patch \	56	file://CVE-2024-24784.patch \
57	file://CVE-2024-24785.patch \	57	file://CVE-2024-24785.patch \
58	file://CVE-2023-45288.patch \	58	file://CVE-2023-45288.patch \
59	file://CVE-2024-24789.patch \	59	file://CVE-2024-24789.patch \
60	file://CVE-2024-24791.patch \	60	file://CVE-2024-24791.patch \
61	file://CVE-2024-34155.patch \	61	file://CVE-2024-34155.patch \
62	file://CVE-2024-34156.patch \	62	file://CVE-2024-34156.patch \
63	file://CVE-2024-34158.patch \	63	file://CVE-2024-34158.patch \
64	file://CVE-2024-45336.patch \	64	file://CVE-2024-45336.patch \
65	file://CVE-2025-22871.patch \	65	file://CVE-2025-22871.patch \
66	file://CVE-2025-4673.patch \	66	file://CVE-2025-4673.patch \
67	"	67	file://CVE-2025-47907-pre-0001.patch \
		68	file://CVE-2025-47907-pre-0002.patch \
		69	file://CVE-2025-47907.patch \
		70	"
68	SRC_URI[main.sha256sum] = "a1a48b23afb206f95e7bbaa9b898d965f90826f6f1d1fc0c1d784ada0cd300fd"	71	SRC_URI[main.sha256sum] = "a1a48b23afb206f95e7bbaa9b898d965f90826f6f1d1fc0c1d784ada0cd300fd"
69		72
70	# Upstream don't believe it is a signifiant real world issue and will only	73	# Upstream don't believe it is a signifiant real world issue and will only