CaROS/poky
3
1
Fork 0
mirror of https://git.yoctoproject.org/git/poky synced 2026-01-01 13:58:04 +00:00
Code Issues Packages Projects Releases Wiki Activity

go: ignore CVE-2025-0913

Browse Source 
This is problem on Windows platform only.

Per NVD report [1], CPE has "and" clause
Running on/with
 cpe:2.3microsoft:windows:-:*:*:*:*:*:*:*

Also linked patch [2] changes Windows files only (and tests).

[1] https://nvd.nist.gov/vuln/detail/CVE-2025-0913
[2] https://go-review.googlesource.com/c/go/+/672396

(From OE-Core rev: ec1c6ab989b298773e8df8a6a4532f88b93617ff)

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This commit is contained in:
Peter Marko 2025-08-10 10:18:46 +02:00 committed by Steve Sakoman
parent 6d83b872af
commit 2cc9a0249b
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
meta/recipes-devtools/go/go-1.22.12.inc
View File

@ -19,3 +19,5 @@ SRC_URI += "\
file://CVE-2025-4673.patch \
"
SRC_URI[main.sha256sum] = "012a7e1f37f362c0918c1dfa3334458ac2da1628c4b9cf4d9ca02db986e17d71"
CVE_STATUS[CVE-2025-0913] = "not-applicable-platform: Issue only applies on Windows"