Sudhir Dumbhare 7d782f3ed0 go: fix CVE-2026-32288 ...

This patch applies the upstream fix [1], as referenced in [2],
to address unbounded sparse map handling in `archive/tar`.

[1] 82b0cdb741
[2] https://security-tracker.debian.org/tracker/CVE-2026-32288

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2026-32288

(From OE-Core rev: 775c3af36899eebe5612844accdfd2a8a2a9327a)

Signed-off-by: Sudhir Dumbhare <sudumbha@cisco.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>

2026-06-26 16:55:53 +01:00

..

go

go: fix CVE-2026-32288

2026-06-26 16:55:53 +01:00

go_1.22.12.bb

go: upgrade 1.22.11 -> 1.22.12

2025-02-14 06:38:54 -08:00

go-1.22.12.inc

go: fix CVE-2026-32288

2026-06-26 16:55:53 +01:00

go-binary-native_1.22.12.bb

go-binary-native: ignore CVE-2025-0913

2025-09-01 08:30:56 -07:00

go-common.inc

go: set status of CVE-2024-3566

2025-06-25 08:35:09 -07:00

go-cross_1.22.12.bb

go: upgrade 1.22.11 -> 1.22.12

2025-02-14 06:38:54 -08:00

go-cross-canadian_1.22.12.bb

go: upgrade 1.22.11 -> 1.22.12

2025-02-14 06:38:54 -08:00

go-cross-canadian.inc

go: Drop linkmode with nativesdk/cross-canadian

2024-03-06 12:13:16 +00:00

go-cross.inc

go: Remove three unnecessary paths from do_compile[dirs]

2022-03-15 08:40:09 +00:00

go-crosssdk_1.22.12.bb

go: upgrade 1.22.11 -> 1.22.12

2025-02-14 06:38:54 -08:00

go-crosssdk.inc

gcc/go: Drop crosssdk suffix from virtual provides to improve dependency handling

2023-05-02 10:24:50 +01:00

go-runtime_1.22.12.bb

go: upgrade 1.22.11 -> 1.22.12

2025-02-14 06:38:54 -08:00

go-runtime.inc

go: Drop the linkmode completely

2024-05-23 08:55:01 -07:00

go-target.inc

go: Drop linkmode with nativesdk/cross-canadian

2024-03-06 12:13:16 +00:00