mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-05-09 05:29:32 +00:00
Code Issues Projects Releases Wiki Activity

lib: sbom30: Add action statement for affected VEX statements

Browse Source 
VEX Affected relationships have a mandatory action statement that
indicates the mitigation for a vulnerability. Since we don't track this
add a statement indicating that no mitigation is known.

(From OE-Core rev: 39545c955474a43d11a45d74a88a5999b02cb8b3)

Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Joshua Watt
2025-03-05 14:00:30 -07:00
committed by Richard Purdie
parent b34f84dce8
commit 5d7d2981bd
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
meta/lib/oe/sbom30.py
+1
View File
@@ -685,6 +685,7 @@ class ObjectSet(oe.spdx30.SHACLObjectSet):
to,
spdxid_name="vex-affected",
security_vexVersion=VEX_VERSION,
security_actionStatement="Mitigation action unknown",
)
def new_vex_ignored_relationship(self, from_, to, *, impact_statement):