manuals: improve description of CVE_STATUS and CVE_STATUS_GROUPS

- Mention CVE_STATUS_GROUPS in the development manual (otherwise only present in the reference manual, but with no reference to it) - In the reference manual description of CVE_STATUS, link back to the development manual, to provide context. (From yocto-docs rev: cfef5fe41b6c819e783c88829448ae38141650a5) Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Michael Opdenacker <michael.opdenacker@bootlin.com> 2023-10-27 19:45:43 +0200
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2023-10-31 13:12:06 +0000
commit: 6fb4c79030e9eb6ac18660e30cfce8227a0d204b (patch)
tree: aa10a20b680a817bd4b6f917c82915d2dd83b98e /documentation/dev-manual
parent: 1e1d892699dd27acdf961553f9b04cd36c9698f2 (diff)
download: poky-6fb4c79030e9eb6ac18660e30cfce8227a0d204b.tar.gz
1 files changed, 3 insertions, 0 deletions
diff --git a/documentation/dev-manual/vulnerabilities.rst b/documentation/dev-manual/vulnerabilities.rst
index 71111bb3e2..c492b62ffd 100644
--- a/documentation/dev-manual/vulnerabilities.rst
+++ b/documentation/dev-manual/vulnerabilities.rst
@@ -164,6 +164,9 @@ the :term:`CVE_STATUS` variable flag with appropriate reason which is mapped to
 As mentioned previously, if data in the CVE database is wrong, it is recommend to fix those
 issues in the CVE database directly.
+Note that if there are many CVEs with the same status and reason, those can be
+shared by using the :term:`CVE_STATUS_GROUPS` variable.
 Recipes can be completely skipped by CVE check by including the recipe name in
 the :term:`CVE_CHECK_SKIP_RECIPE` variable.
author	Michael Opdenacker <michael.opdenacker@bootlin.com>	2023-10-27 19:45:43 +0200
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2023-10-31 13:12:06 +0000
commit	6fb4c79030e9eb6ac18660e30cfce8227a0d204b (patch)
tree	aa10a20b680a817bd4b6f917c82915d2dd83b98e /documentation/dev-manual
parent	1e1d892699dd27acdf961553f9b04cd36c9698f2 (diff)
download	poky-6fb4c79030e9eb6ac18660e30cfce8227a0d204b.tar.gz

diff --git a/documentation/dev-manual/vulnerabilities.rst b/documentation/dev-manual/vulnerabilities.rst index 71111bb3e2..c492b62ffd 100644 --- a/documentation/dev-manual/vulnerabilities.rst +++ b/documentation/dev-manual/vulnerabilities.rst
@@ -164,6 +164,9 @@ the :term:`CVE_STATUS` variable flag with appropriate reason which is mapped to
164	As mentioned previously, if data in the CVE database is wrong, it is recommend to fix those	164	As mentioned previously, if data in the CVE database is wrong, it is recommend to fix those
165	issues in the CVE database directly.	165	issues in the CVE database directly.
166		166
		167	Note that if there are many CVEs with the same status and reason, those can be
		168	shared by using the :term:`CVE_STATUS_GROUPS` variable.
		169
167	Recipes can be completely skipped by CVE check by including the recipe name in	170	Recipes can be completely skipped by CVE check by including the recipe name in
168	the :term:`CVE_CHECK_SKIP_RECIPE` variable.	171	the :term:`CVE_CHECK_SKIP_RECIPE` variable.
169		172