go: Exclude CVE-2021-29923 from report list

author Richard Purdie <richard.purdie@linuxfoundation.org>

Mon, 6 Sep 2021 14:11:51 +0000 (15:11 +0100)

committer Steve Sakoman <steve@sakoman.com>

Fri, 10 Sep 2021 15:49:28 +0000 (05:49 -1000)
author Richard Purdie <richard.purdie@linuxfoundation.org>
Mon, 6 Sep 2021 14:11:51 +0000 (15:11 +0100)
committer Steve Sakoman <steve@sakoman.com>
Fri, 10 Sep 2021 15:49:28 +0000 (05:49 -1000)
diff --git a/meta/recipes-devtools/go/go-1.14.inc b/meta/recipes-devtools/go/go-1.14.inc

index 3dfd671d11b01e9b76188ee78ec72cdec6d15138..50136ca841f438b62638aa659df33d75b79062b1 100644 (file)
--- a/meta/recipes-devtools/go/go-1.14.inc
+++ b/meta/recipes-devtools/go/go-1.14.inc
@@ -19,3 +19,9 @@ SRC_URI += "\
  "
  SRC_URI_append_libc-musl = " file://0009-ld-replace-glibc-dynamic-linker-with-musl.patch"
  SRC_URI[main.sha256sum] = "7ed13b2209e54a451835997f78035530b331c5b6943cdcd68a3d815fdc009149"
+
+# Upstream don't believe it is a signifiant real world issue and will only
+# fix in 1.17 onwards where we can drop this.
+# https://github.com/golang/go/issues/30999#issuecomment-910470358
+CVE_CHECK_WHITELIST += "CVE-2021-29923"
+
author	Richard Purdie <richard.purdie@linuxfoundation.org>
	Mon, 6 Sep 2021 14:11:51 +0000 (15:11 +0100)
committer	Steve Sakoman <steve@sakoman.com>
	Fri, 10 Sep 2021 15:49:28 +0000 (05:49 -1000)