diff options
| author |   Andrii Bordunov via Openembedded-core <openembedded-core@lists.openembedded.org> | 2018-10-10 19:25:10 +0300 |
|---|---|---|
| committer |   Armin Kuster <akuster808@gmail.com> | 2018-10-22 15:25:10 +0100 |
| commit | 60c05c299e2c00d5e4a2d21cbe358d3c8b075878 (patch) | |
| tree | 93945d1fb84dbfce496d29c7715fae586974b271 /meta/classes/cve-report.bbclass | |
| parent | 7f630b4caa00393ee48a3b8b9e4665b20d865993 (diff) | |
| download | openembedded-core-contrib-60c05c299e2c00d5e4a2d21cbe358d3c8b075878.tar.gz | |
cvert-kernel - generate CVE report for the Linux kernel
NVD entries for the Linux kernel are almost always outdated.
For example, https://nvd.nist.gov/vuln/detail/CVE-2018-1065
is shown as matched for "versions up to (including) 4.15.7",
however the patch 57ebd808a97d has been back ported for 4.14.
By default, it checks NVD Resource entries for the patch
URLs and looks for the commits in the local GIT tree.
Additionaly ("--resource") it checks other resources, that
may have up-to-date CVE data. You can combine resources and
decide which one you want to be based on.
Signed-off-by: grygorii tertychnyi <gtertych@cisco.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Diffstat (limited to 'meta/classes/cve-report.bbclass')
0 files changed, 0 insertions, 0 deletions