manuals: improve description of CVE_STATUS and CVE_STATUS_GROUPS

- Mention CVE_STATUS_GROUPS in the development manual
  (otherwise only present in the reference manual, but with
  no reference to it)

- In the reference manual description of CVE_STATUS,
  link back to the development manual, to provide context.

(From yocto-docs rev: cfef5fe41b6c819e783c88829448ae38141650a5)

Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

documentation/ref-manual/variables.rst

@@ -1724,7 +1724,8 @@ system and gives an overview of their function and contents.
 
       It has the format "reason: description" and the description is optional.
       The Reason is mapped to the final CVE state by mapping via
-      :term:`CVE_CHECK_STATUSMAP`
+      :term:`CVE_CHECK_STATUSMAP`. See :ref:`dev-manual/vulnerabilities:fixing vulnerabilities in recipes`
+      for details.
 
    :term:`CVE_STATUS_GROUPS`
       If there are many CVEs with the same status and reason, they can by simplified by using this