diff options
Diffstat (limited to 'documentation')
| -rw-r--r-- | documentation/ref-manual/classes.rst | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/documentation/ref-manual/classes.rst b/documentation/ref-manual/classes.rst index 8d69e9947f..9520d0bf7c 100644 --- a/documentation/ref-manual/classes.rst +++ b/documentation/ref-manual/classes.rst | |||
| @@ -564,6 +564,13 @@ The ``Patched`` state of a CVE issue is detected from patch files with the forma | |||
| 564 | ``CVE-ID.patch``, e.g. ``CVE-2019-20633.patch``, in the :term:`SRC_URI` and using | 564 | ``CVE-ID.patch``, e.g. ``CVE-2019-20633.patch``, in the :term:`SRC_URI` and using |
| 565 | CVE metadata of format ``CVE: CVE-ID`` in the commit message of the patch file. | 565 | CVE metadata of format ``CVE: CVE-ID`` in the commit message of the patch file. |
| 566 | 566 | ||
| 567 | .. note:: | ||
| 568 | |||
| 569 | Commit message metadata (``CVE: CVE-ID`` in a patch header) will not be scanned | ||
| 570 | in any patches that are remote, i.e. that are anything other than local files | ||
| 571 | referenced via ``file://`` in SRC_URI. However, a ``CVE-ID`` in a remote patch | ||
| 572 | file name itself will be registered. | ||
| 573 | |||
| 567 | If the recipe adds ``CVE-ID`` as flag of the :term:`CVE_STATUS` variable with status | 574 | If the recipe adds ``CVE-ID`` as flag of the :term:`CVE_STATUS` variable with status |
| 568 | mapped to ``Ignored``, then the CVE state is reported as ``Ignored``:: | 575 | mapped to ``Ignored``, then the CVE state is reported as ``Ignored``:: |
| 569 | 576 | ||