| Message ID | 20221026160713.2068570-2-michael.opdenacker@bootlin.com |
|---|---|
| State | New |
| Headers | show |
| Series | Improve CVE check and patching documentation | expand |
On Wed, 2022-10-26 at 18:07 +0200, Michael Opdenacker via lists.yoctoproject.org wrote: > From: Michael Opdenacker <michael.opdenacker@bootlin.com> > > From: Mikko Rapeli <mikko.rapeli@linaro.org> I think your "From:" injection script may need a tweak to avoid two entries! Cheers, Richard
Hi Richard On 10/26/22 18:32, Richard Purdie wrote: > On Wed, 2022-10-26 at 18:07 +0200, Michael Opdenacker via > lists.yoctoproject.org wrote: >> From: Michael Opdenacker <michael.opdenacker@bootlin.com> >> >> From: Mikko Rapeli <mikko.rapeli@linaro.org> > I think your "From:" injection script may need a tweak to avoid two > entries! Oh, this is funny! Actually, I don't have any special script. Mikko's "From:" was added by "git format-patch" Mine was added by "git send-email". I'll keep an eye on this. Good catch, thanks! Michael.
diff --git a/documentation/ref-manual/variables.rst b/documentation/ref-manual/variables.rst index 71e8c272a7..0f9df3ac20 100644 --- a/documentation/ref-manual/variables.rst +++ b/documentation/ref-manual/variables.rst @@ -1508,6 +1508,18 @@ system and gives an overview of their function and contents. CVE_PRODUCT = "vendor:package" + :term:`CVE_VERSION` + In a recipe, defines the version used to match the recipe version + against the version in the `NIST CVE database <https://nvd.nist.gov/>`__ + when usign :ref:`cve-check <ref-classes-cve-check>`. + + The default is ${:term:`PV`} but if recipes use custom version numbers + which do not map to upstream software component release versions and the versions + used in the CVE database, then this variable can be used to set the + version number for :ref:`cve-check <ref-classes-cve-check>`. Example:: + + CVE_VERSION = "2.39" + :term:`CVSDIR` The directory in which files checked out under the CVS system are stored.