Archana Polampalli 5f8155aefa go: fix CVE-2025-58189 ...

When Conn.Handshake fails during ALPN negotiation the error contains attacker controlled
information (the ALPN protocols sent by the client) which is not escaped.

(From OE-Core rev: b3f055df67cf345c9a17c5c1c874c778d538ba9e)

Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>

2025-12-05 06:56:34 -08:00

..

go-1.18

go: fix CVE-2025-58189

2025-12-05 06:56:34 -08:00

go-1.19

go: Fix CVE-2023-29409

2023-08-30 04:46:35 -10:00

go-1.20

go: Fix CVE-2023-45285 and CVE-2023-45287

2024-02-15 03:51:56 -10:00

go-1.21

go: fix CVE-2024-24783

2025-11-06 07:14:05 -08:00

go_1.17.13.bb

meta: remove True option to getVar and getVarFlag calls (again)

2023-02-15 21:46:56 +00:00

go-1.17.13.inc

go: fix CVE-2025-58189

2025-12-05 06:56:34 -08:00

go-binary-native_1.17.13.bb

go: ignore CVE-2024-3566

2025-06-25 08:11:58 -07:00

go-common.inc

go: ignore CVE-2024-3566

2025-06-25 08:11:58 -07:00

go-cross_1.17.13.bb

go: update v1.17.12 -> v1.17.13

2022-08-28 07:51:29 +01:00

go-cross-canadian_1.17.13.bb

go: update v1.17.12 -> v1.17.13

2022-08-28 07:51:29 +01:00

go-cross-canadian.inc

go: Remove three unnecessary paths from do_compile[dirs]

2022-03-15 08:40:09 +00:00

go-cross.inc

go: Remove three unnecessary paths from do_compile[dirs]

2022-03-15 08:40:09 +00:00

go-crosssdk_1.17.13.bb

go: update v1.17.12 -> v1.17.13

2022-08-28 07:51:29 +01:00

go-crosssdk.inc

go-crosssdk: avoid host contamination by GOCACHE

2023-01-06 17:33:23 +00:00

go-native_1.17.13.bb

go-native: switch from SRC_URI:append to SRC_URI +=

2022-09-28 08:02:11 +01:00

go-runtime_1.17.13.bb

go: update v1.17.12 -> v1.17.13

2022-08-28 07:51:29 +01:00

go-runtime.inc

go: Remove three unnecessary paths from do_compile[dirs]

2022-03-15 08:40:09 +00:00

go-target.inc

go: Remove three unnecessary paths from do_compile[dirs]

2022-03-15 08:40:09 +00:00