diff options
author | Paul Eggleton <paul.eggleton@microsoft.com> | 2022-04-21 18:40:37 -0700 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2022-04-25 15:14:08 +0100 |
commit | 71fafac324f23f62db6709c0998562e8f07f2361 (patch) | |
tree | da8dbf3de65c3de721d616f587ebae8676a4f06e | |
parent | 0dd9a182acea8f883511f1d34b794e4a7f3ec62a (diff) | |
download | poky-71fafac324f23f62db6709c0998562e8f07f2361.tar.gz |
ref-manual: add mention of vendor filtering to CVE_PRODUCT
Mention the vendor filtering functionality - prompted by OE-Core
revision 45d1a0bea0c628f84a00d641a4d323491988106f.
(From yocto-docs rev: 13ff5a49f14a26772b4775d9ecd08627e6becd4d)
Signed-off-by: Paul Eggleton <paul.eggleton@microsoft.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r-- | documentation/ref-manual/variables.rst | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/documentation/ref-manual/variables.rst b/documentation/ref-manual/variables.rst index 47ea316395..4e90f03ca3 100644 --- a/documentation/ref-manual/variables.rst +++ b/documentation/ref-manual/variables.rst | |||
@@ -1485,6 +1485,13 @@ system and gives an overview of their function and contents. | |||
1485 | 1485 | ||
1486 | CVE_PRODUCT = "oracle_berkeley_db berkeley_db" | 1486 | CVE_PRODUCT = "oracle_berkeley_db berkeley_db" |
1487 | 1487 | ||
1488 | Sometimes the product name is not specific enough, for example | ||
1489 | "tar" has been matching CVEs for the GNU ``tar`` package and also | ||
1490 | the ``node-tar`` node.js extension. To avoid this problem, use the | ||
1491 | vendor name as a prefix. The syntax for this is:: | ||
1492 | |||
1493 | CVE_PRODUCT = "vendor:package" | ||
1494 | |||
1488 | :term:`CVSDIR` | 1495 | :term:`CVSDIR` |
1489 | The directory in which files checked out under the CVS system are | 1496 | The directory in which files checked out under the CVS system are |
1490 | stored. | 1497 | stored. |