diff options
Diffstat (limited to 'documentation/dev-manual')
| -rw-r--r-- | documentation/dev-manual/common-tasks.rst | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/documentation/dev-manual/common-tasks.rst b/documentation/dev-manual/common-tasks.rst index ca6d594386..d7f0b263e7 100644 --- a/documentation/dev-manual/common-tasks.rst +++ b/documentation/dev-manual/common-tasks.rst | |||
| @@ -11507,8 +11507,15 @@ known security vulnerabilities, as tracked by the public | |||
| 11507 | `Common Vulnerabilities and Exposures (CVE) <https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures>`__ | 11507 | `Common Vulnerabilities and Exposures (CVE) <https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures>`__ |
| 11508 | database. | 11508 | database. |
| 11509 | 11509 | ||
| 11510 | To know which packages are vulnerable to known security vulnerabilities, | 11510 | The Yocto Project maintains a `list of known vulnerabilities |
| 11511 | add the following setting to your configuration:: | 11511 | <https://autobuilder.yocto.io/pub/non-release/patchmetrics/>`__ |
| 11512 | for packages in Poky and OE-Core, tracking the evolution of the number of | ||
| 11513 | unpatched CVEs and the status of patches. Such information is available for | ||
| 11514 | the current development version and for each supported release. | ||
| 11515 | |||
| 11516 | To know which packages are vulnerable to known security vulnerabilities | ||
| 11517 | in the specific image you are building, add the following setting to your | ||
| 11518 | configuration:: | ||
| 11512 | 11519 | ||
| 11513 | INHERIT += "cve-check" | 11520 | INHERIT += "cve-check" |
| 11514 | 11521 | ||