MIRRORS/meta-virtualization
1
0
Fork 0
mirror of git://git.yoctoproject.org/meta-virtualization.git synced 2025-07-19 20:59:41 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity

grpc-go: add grpc to CVE_PRODUCT

Browse Source 
Some cves are reported with "cpe:2.3🅰️grpc:grpc:*:*:*:*:*:go:*:*"
See https://nvd.nist.gov/vuln/detail/CVE-2023-44487

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
This commit is contained in:
Peter Marko 2023-11-05 15:04:28 +01:00 committed by Bruce Ashfield
parent 92a7e8ec46
commit 11d15351a2
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
recipes-devtools/go/grpc-go_git.bb
View File

@ -39,3 +39,7 @@ go_grpc_sysroot_preprocess () {
FILES:${PN} += " \ FILES:${PN} += " \
${prefix}/local/go/src/${PKG_NAME}/* \ ${prefix}/local/go/src/${PKG_NAME}/* \
" "
# some CVEs are reported with "cpe:2.3:a:grpc:grpc:*:*:*:*:*:go:*:*"
# it's better to have false positives than false negatives
CVE_PRODUCT += "grpc"