mirror of
https://git.yoctoproject.org/poky
synced 2026-02-20 08:29:42 +01:00
9bae357b12
Source: golang.org MR: 111958, 112390, 112393 Type: Security Fix Disposition: Backport from https://github.com/golang/go.git ChangeID: 662d021814f025b3d768a04864498486f94819a7 Description: Affects < 1.16.5 Fixes: CVE-2021-33196 CVE-2021-33197 CVE-2021-34558 (From OE-Core rev: 1eaac89b0384cc39ea489a3b7ea58eab6b23240b) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
31 lines
1.3 KiB
PHP
31 lines
1.3 KiB
PHP
require go-common.inc
|
|
|
|
GO_BASEVERSION = "1.14"
|
|
GO_MINOR = ".15"
|
|
PV .= "${GO_MINOR}"
|
|
FILESEXTRAPATHS_prepend := "${FILE_DIRNAME}/go-${GO_BASEVERSION}:"
|
|
|
|
LIC_FILES_CHKSUM = "file://LICENSE;md5=5d4950ecb7b26d2c5e4e7b4e0dd74707"
|
|
|
|
SRC_URI += "\
|
|
file://0001-allow-CC-and-CXX-to-have-multiple-words.patch \
|
|
file://0002-cmd-go-make-content-based-hash-generation-less-pedan.patch \
|
|
file://0003-allow-GOTOOLDIR-to-be-overridden-in-the-environment.patch \
|
|
file://0004-ld-add-soname-to-shareable-objects.patch \
|
|
file://0005-make.bash-override-CC-when-building-dist-and-go_boot.patch \
|
|
file://0006-cmd-dist-separate-host-and-target-builds.patch \
|
|
file://0007-cmd-go-make-GOROOT-precious-by-default.patch \
|
|
file://0008-use-GOBUILDMODE-to-set-buildmode.patch \
|
|
file://CVE-2021-34558.patch \
|
|
file://CVE-2021-33196.patch \
|
|
file://CVE-2021-33197.patch \
|
|
"
|
|
SRC_URI_append_libc-musl = " file://0009-ld-replace-glibc-dynamic-linker-with-musl.patch"
|
|
SRC_URI[main.sha256sum] = "7ed13b2209e54a451835997f78035530b331c5b6943cdcd68a3d815fdc009149"
|
|
|
|
# Upstream don't believe it is a signifiant real world issue and will only
|
|
# fix in 1.17 onwards where we can drop this.
|
|
# https://github.com/golang/go/issues/30999#issuecomment-910470358
|
|
CVE_CHECK_WHITELIST += "CVE-2021-29923"
|
|
|