summaryrefslogtreecommitdiffstats
path: root/meta/recipes-devtools/nasm/nasm_2.15.05.bb
diff options
context:
space:
mode:
authorRichard Purdie <richard.purdie@linuxfoundation.org>2021-05-06 07:12:32 -1000
committerRichard Purdie <richard.purdie@linuxfoundation.org>2021-05-20 12:30:32 +0100
commit1376f226930eaa600dd635e59b9a654836f6e9c6 (patch)
treef9a4164711cbbd0bd4aa1357d54953e152f9eb67 /meta/recipes-devtools/nasm/nasm_2.15.05.bb
parentc124290d90040806103b8c273948c4863e7bc1b4 (diff)
downloadpoky-1376f226930eaa600dd635e59b9a654836f6e9c6.tar.gz
cve-extra-exclusions.inc: add exclusion list for intractable CVE's
The preferred methods for CVE resolution are: 1. Version upgrades where possible 2. Patches where not possible 3. Database updates where version info is incorrect 4. Exclusion from checking where it is determined that the CVE does not apply to our environment In some cases none of these methods are possible. For example the CVE may be decades old with no apparent resolution, and with broken links that make further research impractical. Some CVEs are vauge with no specific action the project can take too. This patch creates a mechanism for users to remove this type of CVE from the cve-check results via an optional include file. Based on an initial patch from Steve Sakoman <steve@sakoman.com> but extended heavily by RP. (From OE-Core rev: cf282ae03db3f09df42dcd110d7086c2d854642c) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-devtools/nasm/nasm_2.15.05.bb')
0 files changed, 0 insertions, 0 deletions