mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-06-27 11:13:38 +02:00
Code Issues Packages Projects Releases Wiki Activity

go-binary-native: set status for CVE-2026-39836

Browse Source 
This issue affects Windows only. The net.Dial and net.LookupPort
functions can panic when given input containing a NUL byte.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2026-39836
https://security-tracker.debian.org/tracker/CVE-2026-39836

(From OE-Core rev: 8aab8b31425b3820ef65fc40061b9377c574607b)

Signed-off-by: Sudhir Dumbhare <sudumbha@cisco.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
This commit is contained in:
Sudhir Dumbhare
2026-06-02 23:09:39 -07:00
committed by Paul Barker
parent 4aa2dfec70
commit f3fbf45c1d
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
meta/recipes-devtools/go/go-binary-native_1.22.12.bb
View File

@@ -19,6 +19,7 @@ UPSTREAM_CHECK_REGEX = "go(?P<pver>\d+(\.\d+)+)\.linux"
CVE_PRODUCT = "golang:go"
CVE_STATUS[CVE-2024-3566] = "not-applicable-platform: Issue only applies on Windows"
CVE_STATUS[CVE-2025-0913] = "not-applicable-platform: Issue only applies on Windows"
CVE_STATUS[CVE-2026-39836] = "not-applicable-platform: Issue only applies on Windows"
S = "${WORKDIR}/go"