manuals: improve description of CVE_STATUS and CVE_STATUS_GROUPS

- Mention CVE_STATUS_GROUPS in the development manual (otherwise only present in the reference manual, but with no reference to it) - In the reference manual description of CVE_STATUS, link back to the development manual, to provide context. (From yocto-docs rev: cfef5fe41b6c819e783c88829448ae38141650a5) Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Michael Opdenacker <michael.opdenacker@bootlin.com> 2023-10-27 19:45:43 +0200
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2023-10-30 11:11:17 +0000
commit: e0800e8d8a81111832d351d9a14a5ea9c2c09c50 (patch)
tree: aac5ac86df0db5926b26b0f674344fc05cf61a85 /documentation/dev-manual
parent: f9ddf08ffd964c61cb8f85ac3ca6b440071474dc (diff)
download: poky-e0800e8d8a81111832d351d9a14a5ea9c2c09c50.tar.gz
1 files changed, 3 insertions, 0 deletions
diff --git a/documentation/dev-manual/vulnerabilities.rst b/documentation/dev-manual/vulnerabilities.rst
index 71111bb3e2..c492b62ffd 100644
--- a/documentation/dev-manual/vulnerabilities.rst
+++ b/documentation/dev-manual/vulnerabilities.rst
@@ -164,6 +164,9 @@ the :term:`CVE_STATUS` variable flag with appropriate reason which is mapped to
 As mentioned previously, if data in the CVE database is wrong, it is recommend to fix those
 issues in the CVE database directly.
+Note that if there are many CVEs with the same status and reason, those can be
+shared by using the :term:`CVE_STATUS_GROUPS` variable.
 Recipes can be completely skipped by CVE check by including the recipe name in
 the :term:`CVE_CHECK_SKIP_RECIPE` variable.
author	Michael Opdenacker <michael.opdenacker@bootlin.com>	2023-10-27 19:45:43 +0200
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2023-10-30 11:11:17 +0000
commit	e0800e8d8a81111832d351d9a14a5ea9c2c09c50 (patch)
tree	aac5ac86df0db5926b26b0f674344fc05cf61a85 /documentation/dev-manual
parent	f9ddf08ffd964c61cb8f85ac3ca6b440071474dc (diff)
download	poky-e0800e8d8a81111832d351d9a14a5ea9c2c09c50.tar.gz

diff --git a/documentation/dev-manual/vulnerabilities.rst b/documentation/dev-manual/vulnerabilities.rst index 71111bb3e2..c492b62ffd 100644 --- a/documentation/dev-manual/vulnerabilities.rst +++ b/documentation/dev-manual/vulnerabilities.rst
@@ -164,6 +164,9 @@ the :term:`CVE_STATUS` variable flag with appropriate reason which is mapped to
164	As mentioned previously, if data in the CVE database is wrong, it is recommend to fix those	164	As mentioned previously, if data in the CVE database is wrong, it is recommend to fix those
165	issues in the CVE database directly.	165	issues in the CVE database directly.
166		166
		167	Note that if there are many CVEs with the same status and reason, those can be
		168	shared by using the :term:`CVE_STATUS_GROUPS` variable.
		169
167	Recipes can be completely skipped by CVE check by including the recipe name in	170	Recipes can be completely skipped by CVE check by including the recipe name in
168	the :term:`CVE_CHECK_SKIP_RECIPE` variable.	171	the :term:`CVE_CHECK_SKIP_RECIPE` variable.
169		172