mirrors/poky - poky - zepto initiative

mirrors/poky

Fork 0

mirror of https://git.yoctoproject.org/poky synced 2026-05-04 22:39:49 +02:00

Commit Graph

Author	SHA1	Message	Date
Alexander Kanavin	e1f059f34e	meta: set S to be in UNPACKDIR in recipes that explicitly set S (From OE-Core rev: 7321cc17ae5483f17fe9cdffea7b62acd9d9c3a2) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2025-06-20 12:07:26 +01:00
Peter Marko	ea635ace50	go: set status of CVE-2024-3566 NVD ([1]) tracks this as: cpe:2.3🅰️golang:go:::::::: Running on/with cpe:2.3⭕microsoft:windows:-:::::::* Yocto cve-check ignores the "Running on/with", so it needs to be ignored explicitly. [1] https://nvd.nist.gov/vuln/detail/CVE-2024-3566 (From OE-Core rev: c8ce6710d864d237fdf67d2c3d3aa0f0970a2a05) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2025-06-19 22:00:10 +01:00
Peter Marko	7088d89aff	go: upgrade 1.24.3 -> 1.24.4 Upgrade to latest 1.24.x release [1]: $ git --no-pager log --oneline go1.24.3..go1.24.4 6796ebb2cb [release-branch.go1.24] go1.24.4 85897ca220 [release-branch.go1.24] net/http: strip sensitive proxy headers from redirect requests 9f9cf28f8f [release-branch.go1.24] os: don't follow symlinks on Windows when O_CREATE\|O_EXCL a31c931adf [release-branch.go1.24] cmd/link: allow linkname reference to a TEXT symbol regardless of size 03811ab1b3 [release-branch.go1.24] crypto/x509: decouple key usage and policy validation 04a9473847 [release-branch.go1.24] lib/fips140: set inprocess.txt to v1.0.0 db8f1dc948 [release-branch.go1.24] hash/maphash: hash channels in purego version of maphash.Comparable 664cf832ec [release-branch.go1.24] runtime/debug: document DefaultGODEBUG as a BuildSetting 431f75a0b9 [release-branch.go1.24] os: fix Root.Mkdir permission bits on OpenBSD Fixes CVE-2025-4673, CVE-2025-0913 and CVE-2025-22874 [2]. [1] https://github.com/golang/go/compare/go1.24.3...go1.24.4 [2] https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A (From OE-Core rev: 25aed3ec02c22857380957783e2926bf3368398c) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2025-06-12 11:03:43 +01:00

Author

SHA1

Message

Date

Alexander Kanavin

e1f059f34e

meta: set S to be in UNPACKDIR in recipes that explicitly set S

(From OE-Core rev: 7321cc17ae5483f17fe9cdffea7b62acd9d9c3a2)

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

2025-06-20 12:07:26 +01:00

Peter Marko

ea635ace50

go: set status of CVE-2024-3566

NVD ([1]) tracks this as:
cpe:2.3🅰️golang:go:*:*:*:*:*:*:*:*
Running on/with
  cpe:2.3⭕microsoft:windows:-:*:*:*:*:*:*:*

Yocto cve-check ignores the "Running on/with", so it needs to be ignored
explicitly.

[1] https://nvd.nist.gov/vuln/detail/CVE-2024-3566

(From OE-Core rev: c8ce6710d864d237fdf67d2c3d3aa0f0970a2a05)

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

2025-06-19 22:00:10 +01:00

Peter Marko

7088d89aff

go: upgrade 1.24.3 -> 1.24.4

Upgrade to latest 1.24.x release [1]:

$ git --no-pager log --oneline go1.24.3..go1.24.4
6796ebb2cb [release-branch.go1.24] go1.24.4
85897ca220 [release-branch.go1.24] net/http: strip sensitive proxy headers from redirect requests
9f9cf28f8f [release-branch.go1.24] os: don't follow symlinks on Windows when O_CREATE|O_EXCL
a31c931adf [release-branch.go1.24] cmd/link: allow linkname reference to a TEXT symbol regardless of size
03811ab1b3 [release-branch.go1.24] crypto/x509: decouple key usage and policy validation
04a9473847 [release-branch.go1.24] lib/fips140: set inprocess.txt to v1.0.0
db8f1dc948 [release-branch.go1.24] hash/maphash: hash channels in purego version of maphash.Comparable
664cf832ec [release-branch.go1.24] runtime/debug: document DefaultGODEBUG as a BuildSetting
431f75a0b9 [release-branch.go1.24] os: fix Root.Mkdir permission bits on OpenBSD

Fixes CVE-2025-4673, CVE-2025-0913 and CVE-2025-22874 [2].

[1] https://github.com/golang/go/compare/go1.24.3...go1.24.4
[2] https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A

(From OE-Core rev: 25aed3ec02c22857380957783e2926bf3368398c)

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

2025-06-12 11:03:43 +01:00

3 Commits