mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-06-06 14:49:50 +00:00
Code Issues Projects Releases Wiki Activity

ref-manual/variables.rst: document CVE_CHECK_VEX_JUSTIFICATION

Browse Source 
Added by commit c0fa3d92cefa ("spdx30: Allow VEX Justification to be
configurable") in OE-Core.

(From yocto-docs rev: cee3eb30cc736d990f2232ede0bc6d9686a63713)

Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Antonin Godard
2025-07-29 11:56:47 +02:00
committed by Richard Purdie
parent 1d54ab1f9d
commit 5d32fd15c2
1 changed files with 7 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
documentation/ref-manual/variables.rst
+7
View File
@@ -2054,6 +2054,13 @@ system and gives an overview of their function and contents.
CVE_CHECK_STATUSMAP[cpe-incorrect] = "Ignored"
:term:`CVE_CHECK_VEX_JUSTIFICATION`
Mapping variable for :term:`CVE_STATUS` reasons
(for example ``not-applicable-platform``) to :ref:`ref-classes-vex`
justifications. Should be set as follows::
CVE_CHECK_VEX_JUSTIFICATION[not-applicable-config] = "vulnerableCodeNotPresent"
:term:`CVE_VERSION`
In a recipe, defines the version used to match the recipe version
against the version in the `NIST CVE database <https://nvd.nist.gov/>`__