Yocto Project and CVEs – Yocto Project Summit 2019


The Yocto Project community is doing a lot of work around CVEs, but that work is not always visible to our members. This presentation covers how CVEs are processed and the tools to help support this work, in particular the Security Response Tool contributed last year and the various CVE build check tools.

We will also discuss ways to better engage the community in tracking, communicating, and fixing CVEs.



David Reyna, SMTS, Wind River