diff options
author | Paul Eggleton <paul.eggleton@microsoft.com> | 2022-04-21 18:40:37 -0700 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2022-04-25 15:22:12 +0100 |
commit | b3f040b4a53fb12a9493b0ef73c3575c3f5d1e09 (patch) | |
tree | 9e416905cfaf8ae3d1e2bb8f72c6f0629084e3a4 /documentation | |
parent | 8da30555672064b6d3e1d0466b4919d9db59c791 (diff) | |
download | poky-b3f040b4a53fb12a9493b0ef73c3575c3f5d1e09.tar.gz |
ref-manual: add mention of vendor filtering to CVE_PRODUCT
Mention the vendor filtering functionality - prompted by OE-Core
revision 45d1a0bea0c628f84a00d641a4d323491988106f.
(From yocto-docs rev: 13ff5a49f14a26772b4775d9ecd08627e6becd4d)
Signed-off-by: Paul Eggleton <paul.eggleton@microsoft.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'documentation')
-rw-r--r-- | documentation/ref-manual/variables.rst | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/documentation/ref-manual/variables.rst b/documentation/ref-manual/variables.rst index 47ea316395..4e90f03ca3 100644 --- a/documentation/ref-manual/variables.rst +++ b/documentation/ref-manual/variables.rst | |||
@@ -1485,6 +1485,13 @@ system and gives an overview of their function and contents. | |||
1485 | 1485 | ||
1486 | CVE_PRODUCT = "oracle_berkeley_db berkeley_db" | 1486 | CVE_PRODUCT = "oracle_berkeley_db berkeley_db" |
1487 | 1487 | ||
1488 | Sometimes the product name is not specific enough, for example | ||
1489 | "tar" has been matching CVEs for the GNU ``tar`` package and also | ||
1490 | the ``node-tar`` node.js extension. To avoid this problem, use the | ||
1491 | vendor name as a prefix. The syntax for this is:: | ||
1492 | |||
1493 | CVE_PRODUCT = "vendor:package" | ||
1494 | |||
1488 | :term:`CVSDIR` | 1495 | :term:`CVSDIR` |
1489 | The directory in which files checked out under the CVS system are | 1496 | The directory in which files checked out under the CVS system are |
1490 | stored. | 1497 | stored. |