Message ID | 20221026131207.3655961-2-mikko.rapeli@linaro.org |
---|---|
State | New |
Headers | show |
Series | Improve CVE check and patching documentation | expand |
On 10/26/22 15:12, Mikko Rapeli wrote: > From: Mikko Rapeli <mikko.rapeli@linaro.org> > > Related to cve-check.bbclass. > > Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org> > --- > documentation/ref-manual/variables.rst | 12 ++++++++++++ > 1 file changed, 12 insertions(+) > > diff --git a/documentation/ref-manual/variables.rst b/documentation/ref-manual/variables.rst > index 71e8c272a7..467b9678f1 100644 > --- a/documentation/ref-manual/variables.rst > +++ b/documentation/ref-manual/variables.rst > @@ -1508,6 +1508,18 @@ system and gives an overview of their function and contents. > > CVE_PRODUCT = "vendor:package" > > + :term:`CVE_VERSION` > + In a recipe, defines the version used to match the recipe version > + against the version in the `NIST CVE database <https://nvd.nist.gov/>`__ > + when usign :ref:`cve-check <ref-classes-cve-check>`. > + > + The default is ${:term:`PV`} but if recipes use custom version numbers > + which do not map to upstream SW component release versions and the versions I'd rather use the full word "software" instead of "SW", which isn't used anywhere else in the documentation. I fixed this in my local branch, so no need to send a new version. Unless there are further reviews. Thanks again Cheers Michael.
diff --git a/documentation/ref-manual/variables.rst b/documentation/ref-manual/variables.rst index 71e8c272a7..467b9678f1 100644 --- a/documentation/ref-manual/variables.rst +++ b/documentation/ref-manual/variables.rst @@ -1508,6 +1508,18 @@ system and gives an overview of their function and contents. CVE_PRODUCT = "vendor:package" + :term:`CVE_VERSION` + In a recipe, defines the version used to match the recipe version + against the version in the `NIST CVE database <https://nvd.nist.gov/>`__ + when usign :ref:`cve-check <ref-classes-cve-check>`. + + The default is ${:term:`PV`} but if recipes use custom version numbers + which do not map to upstream SW component release versions and the versions + used in the CVE database, then this variable can be used to set the + version number for :ref:`cve-check <ref-classes-cve-check>`. Example:: + + CVE_VERSION = "2.39" + :term:`CVSDIR` The directory in which files checked out under the CVS system are stored.