From: michael.opdenacker@bootlin.com
To: docs@lists.yoctoproject.org
Cc: rybczynska@gmail.com, mikko.rapeli@linaro.org,
Michael Opdenacker <michael.opdenacker@bootlin.com>
Subject: [PATCH v2 1/4] ref-manual: variables.rst: add documentation for CVE_VERSION
Date: Wed, 26 Oct 2022 18:07:10 +0200 [thread overview]
Message-ID: <20221026160713.2068570-2-michael.opdenacker@bootlin.com> (raw)
In-Reply-To: <20221026160713.2068570-1-michael.opdenacker@bootlin.com>
From: Michael Opdenacker <michael.opdenacker@bootlin.com>
From: Mikko Rapeli <mikko.rapeli@linaro.org>
Related to cve-check.bbclass.
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
---
documentation/ref-manual/variables.rst | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/documentation/ref-manual/variables.rst b/documentation/ref-manual/variables.rst
index 71e8c272a7..0f9df3ac20 100644
--- a/documentation/ref-manual/variables.rst
+++ b/documentation/ref-manual/variables.rst
@@ -1508,6 +1508,18 @@ system and gives an overview of their function and contents.
CVE_PRODUCT = "vendor:package"
+ :term:`CVE_VERSION`
+ In a recipe, defines the version used to match the recipe version
+ against the version in the `NIST CVE database <https://nvd.nist.gov/>`__
+ when usign :ref:`cve-check <ref-classes-cve-check>`.
+
+ The default is ${:term:`PV`} but if recipes use custom version numbers
+ which do not map to upstream software component release versions and the versions
+ used in the CVE database, then this variable can be used to set the
+ version number for :ref:`cve-check <ref-classes-cve-check>`. Example::
+
+ CVE_VERSION = "2.39"
+
:term:`CVSDIR`
The directory in which files checked out under the CVS system are
stored.
--
2.34.1
next prev parent reply other threads:[~2022-10-26 16:07 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <1721A288D2BAB036.492@lists.yoctoproject.org>
2022-10-26 16:07 ` [PATCH v2 0/4] Improve CVE check and patching documentation michael.opdenacker
2022-10-26 16:07 ` michael.opdenacker [this message]
2022-10-26 16:32 ` [docs] [PATCH v2 1/4] ref-manual: variables.rst: add documentation for CVE_VERSION Richard Purdie
2022-10-26 17:51 ` Michael Opdenacker
2022-10-26 16:07 ` [PATCH v2 2/4] ref-manual: classes.rst: improve documentation for cve-check.bbclass michael.opdenacker
2022-10-26 16:07 ` [PATCH v2 3/4] dev-manual: common-tasks.rst: add regular updates and CVE scans to security best practices michael.opdenacker
2022-10-26 16:07 ` [PATCH v2 4/4] dev-manual: common-tasks.rst: refactor and improve "Checking for Vulnerabilities" section michael.opdenacker
2022-10-27 6:54 ` Mikko Rapeli
2022-10-27 8:16 ` [docs] " Michael Opdenacker
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20221026160713.2068570-2-michael.opdenacker@bootlin.com \
--to=michael.opdenacker@bootlin.com \
--cc=docs@lists.yoctoproject.org \
--cc=mikko.rapeli@linaro.org \
--cc=rybczynska@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox