[kirkstone,12/14] go: ignore CVE-2024-3566

Message ID	571fd82e29fe809c63a5743e534ed7816d787963.1750604257.git.steve@sakoman.com
State	New
Headers	show Return-Path: <steve@sakoman.com> ip: 209.85.210.169, mailfrom: steve@sakoman.com) From: Steve Sakoman <steve@sakoman.com> To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 12/14] go: ignore CVE-2024-3566 Date: Sun, 22 Jun 2025 08:00:07 -0700 Message-ID: <571fd82e29fe809c63a5743e534ed7816d787963.1750604257.git.steve@sakoman.com> In-Reply-To: <cover.1750604257.git.steve@sakoman.com> References: <cover.1750604257.git.steve@sakoman.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	[kirkstone,01/14] libsoup: patch CVE-2025-4476 \| expand [kirkstone,01/14] libsoup: patch CVE-2025-4476 [kirkstone,02/14] libsoup: Fix CVE-2025-4969 [kirkstone,03/14] libsoup: fix CVE-2025-32907 [kirkstone,04/14] libsoup: fix CVE-2025-32051 [kirkstone,05/14] libsoup: fix CVE-2025-46421 [kirkstone,06/14] libsoup: fix CVE-2025-4948 [kirkstone,07/14] libsoup-2.4: Fix CVE-2025-4969 [kirkstone,08/14] libsoup-2.4: fix CVE-2025-32907 [kirkstone,09/14] libsoup-2.4: fix CVE-2025-46421 [kirkstone,10/14] libsoup-2.4: fix CVE-2025-4948 [kirkstone,11/14] libsoup-2.4: fix CVE-2025-4476 [kirkstone,12/14] go: ignore CVE-2024-3566 [kirkstone,13/14] systemtap: add sysroot Python paths to configure flags [kirkstone,14/14] cmake: Correctly handle cost data of tests with arbitrary chars in name

Message ID

571fd82e29fe809c63a5743e534ed7816d787963.1750604257.git.steve@sakoman.com

State

New

Headers

From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 12/14] go: ignore CVE-2024-3566
Date: Sun, 22 Jun 2025 08:00:07 -0700
Message-ID: 
 <571fd82e29fe809c63a5743e534ed7816d787963.1750604257.git.steve@sakoman.com>
In-Reply-To: <cover.1750604257.git.steve@sakoman.com>
References: <cover.1750604257.git.steve@sakoman.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

[kirkstone,01/14] libsoup: patch CVE-2025-4476 | expand

Commit Message

Steve Sakoman June 22, 2025, 3 p.m. UTC

From: Peter Marko <peter.marko@siemens.com>

NVD ([1]) tracks this as:
cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*
Running on/with
  cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Yocto cve-check ignores the "Running on/with", so it needs to be ignored
explicitly.

[1] https://nvd.nist.gov/vuln/detail/CVE-2024-3566

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-devtools/go/go-binary-native_1.17.13.bb | 3 +++
 meta/recipes-devtools/go/go-common.inc               | 3 +++
 2 files changed, 6 insertions(+)

diff --git a/meta/recipes-devtools/go/go-binary-native_1.17.13.bb b/meta/recipes-devtools/go/go-binary-native_1.17.13.bb
index 4ee0148417..0f356b0e79 100644
--- a/meta/recipes-devtools/go/go-binary-native_1.17.13.bb
+++ b/meta/recipes-devtools/go/go-binary-native_1.17.13.bb
@@ -14,6 +14,9 @@  SRC_URI[go_linux_arm64.sha256sum] = "914daad3f011cc2014dea799bb7490442677e4ad6de
 UPSTREAM_CHECK_URI = "https://golang.org/dl/"
 UPSTREAM_CHECK_REGEX = "go(?P<pver>\d+(\.\d+)+)\.linux"
 
+# not-applicable-platform: Issue only applies on Windows
+CVE_CHECK_IGNORE += "CVE-2024-3566"
+
 S = "${WORKDIR}/go"
 
 inherit goarch native
diff --git a/meta/recipes-devtools/go/go-common.inc b/meta/recipes-devtools/go/go-common.inc
index 83f8db7b39..e2ffba27bd 100644
--- a/meta/recipes-devtools/go/go-common.inc
+++ b/meta/recipes-devtools/go/go-common.inc
@@ -19,6 +19,9 @@  S = "${WORKDIR}/go"
 B = "${S}"
 UPSTREAM_CHECK_REGEX = "(?P<pver>\d+(\.\d+)+)\.src\.tar"
 
+# not-applicable-platform: Issue only applies on Windows
+CVE_CHECK_IGNORE += "CVE-2024-3566"
+
 INHIBIT_PACKAGE_DEBUG_SPLIT = "1"
 SSTATE_SCAN_CMD = "true"

[kirkstone,12/14] go: ignore CVE-2024-3566

Commit Message

Patch