[OE-core] [PATCH 1/3] cve-check: allow recipes to override the product name
Mariano Lopez
mariano.lopez at linux.intel.com
Wed Dec 7 17:05:39 UTC 2016
On 07/12/16 10:50, Ross Burton wrote:
> Add a new variable CVE_PRODUCT for the product name to look up in the NVD
> database. Default this to BPN, but allow recipes such as tiff (which is libtiff
> in NVD) to override it.
>
> Signed-off-by: Ross Burton <ross.burton at intel.com>
>
I like the idea to be able to override the name that cve-check-tool
checks. The only drawback would be the burden of adding these to needed
recipes. This is still better to have to guess the correct name, or to
check PROVIDES or RPROVIDES, there are just too much corner cases. So
this solution has my approval.
More information about the Openembedded-core
mailing list