How to check the CVE status in OpenSTLinux

Revision as of 11:08, 14 June 2023 by Registered User
Applicable for STM32MP13x lines, STM32MP15x lines


1. Overview

This article explains how to configure the OpenSTLinux Yocto build to check the CVE (Common Vulnerabilities and Exposures) status of the packages it builds.

2. OpenEmbedded/Yocto

OpenEmbedded/Yocto provides a class that checks the CVE status of every package in the build.
To enable the CVE status check, add the following line to your configuration (conf/local.conf):

INHERIT += "cve-check"

For more information about how to configure exclusions for the CVE check, see the section "Vulnerability check at build time" in the Yocto manual.


The CVE check generates a CVE status report for each package in the <build directory>/tmp-glibc/deploy/cve/ directory.
Example for tf-a-stm32mp:

tf-a-stm32mp
tf-a-stm32mp_cve.json

The two files contain the same information: the first stores it as plain text and the second as JSON.
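As an added example (not part of the original article), the following script reads one of the <package>_cve.json reports described above and lists the CVEs that are still unpatched above a CVSS v3 threshold, so the review effort goes to the findings that matter first. The key names (package, issue, id, scorev3, status) are an assumption about the JSON layout written by the cve-check class, and the sample report is constructed with placeholder CVE identifiers.

```python
import json
from collections import Counter

# Constructed sample in the layout assumed for a <package>_cve.json report.
# The CVE identifiers and scores are placeholders, not real findings.
SAMPLE_CVE_JSON = """
{
  "version": "1",
  "package": [
    {
      "name": "tf-a-stm32mp",
      "issue": [
        {"id": "CVE-0000-0001", "scorev3": "9.8", "status": "Unpatched"},
        {"id": "CVE-0000-0002", "scorev3": "5.3", "status": "Patched"},
        {"id": "CVE-0000-0003", "scorev3": "7.5", "status": "Ignored"},
        {"id": "CVE-0000-0004", "scorev3": "4.0", "status": "Unpatched"},
        {"id": "CVE-0000-0005", "scorev3": "",    "status": "Unpatched"}
      ]
    }
  ]
}
"""


def summarize_cve_report(text, min_score=7.0):
    """Return (status counts, unpatched CVEs to review) for one JSON report.

    A CVE is listed for review when it is Unpatched and its CVSS v3 score is
    at least min_score, or when it has no score yet (unscored entries must
    not silently drop out of the review list).
    """
    report = json.loads(text)
    counts = Counter()
    to_review = []
    for pkg in report.get("package", []):
        for issue in pkg.get("issue", []):
            status = issue.get("status", "Unknown")
            counts[status] += 1
            if status != "Unpatched":
                continue
            raw = issue.get("scorev3", "")
            score = float(raw) if raw not in ("", None) else None
            if score is None or score >= min_score:
                to_review.append((pkg["name"], issue["id"], score))
    # Highest score first; unscored entries sort last.
    return counts, sorted(to_review, key=lambda t: -(t[2] or 0.0))


if __name__ == "__main__":
    counts, to_review = summarize_cve_report(SAMPLE_CVE_JSON)
    print(dict(counts))
    for pkg, cve, score in to_review:
        print(f"{pkg}: {cve} (CVSS v3 {score}) needs a patch or an ignore entry")
```

Run it against a real report by replacing SAMPLE_CVE_JSON with the contents of <build directory>/tmp-glibc/deploy/cve/<package>_cve.json.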