Google Git
Sign in
go / vuln / 5a637d0b4292a360fc2d641aa87422fe8213208b
commit5a637d0b4292a360fc2d641aa87422fe8213208b[log] [tgz]
authorZvonimir Pavlinovic <zpavlinovic@google.com>Wed Feb 01 13:54:17 2023 -0800
committerZvonimir Pavlinovic <zpavlinovic@google.com>Wed Feb 01 22:23:15 2023 +0000
tree3a8f6e9daeda13ac399b952c4ce3bfd0ae02c5a7
parentdd534eeddf33556da7d61c8651a641b5e87be9d3 [diff]
cmd/govulncheck/integration: change expectations for selinux and crypto

Due to https://go-review.git.corp.google.com/c/vulndb/+/463682. Before
this change, selinux had all symbols as vulnerable. That resulted in
three symbols used and hence reported by govulncheck. Now, readCon and
writeCon are designated as vulnerable, the former of which is detected.

Also, https://go-review.git.corp.google.com/c/vulndb/+/463678 changes
vulnerable symbols for crypto/elliptic.

Change-Id: I0e9a4f2f95c6736081843a724650a63755a7170c
Reviewed-on: https://go-review.googlesource.com/c/vuln/+/464023
Reviewed-by: Julie Qiu <julieqiu@google.com>
Run-TryBot: Zvonimir Pavlinovic <zpavlinovic@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
2 files changed
tree: 3a8f6e9daeda13ac399b952c4ce3bfd0ae02c5a7
  1. client/
  2. cmd/
  3. devtools/
  4. doc/
  5. exp/
  6. internal/
  7. osv/
  8. vulncheck/
  9. .gitignore
  10. all_test.go
  11. checks.bash
  12. CONTRIBUTING.md
  13. go.mod
  14. go.sum
  15. LICENSE
  16. PATENTS
  17. README.md
  18. tools_test.go
README.md

Go Vulnerability Management

Go Reference

This repository contains packages for accessing and analyzing data from the Go Vulnerability Database. It contains the following:

  • Package client: a client for interacting with the Go vulnerability database
  • Package vulncheck: an API for detecting vulnerabilities in Go packages
  • Command govulncheck: a CLI for detecting vulnerabilities in Go packages

Check out https://go.dev/security/vuln for more information about the Go vulnerability management system.

Privacy Policy

The privacy policy for govulncheck can be found at https://vuln.go.dev/privacy.

License

Unless otherwise noted, the Go source files are distributed under the BSD-style license found in the LICENSE file.

Database entries available at https://vuln.go.dev are distributed under the terms of the CC-BY 4.0 license.