11-30, 13:05–13:35 (UTC), Langdale
How to use yoct CVE checker to find security vulnerabilities in your product? How to apply fixes for the detected CVE security issues? What are the common problems in that work?
One of the best practices in making high quality SW project is to detect and apply security fixes for CVE security issues. Based on years of experience in this work, I will show how yocto CVE scanning tooling works, what are the inputs and outputs, how to apply fixes and what are the common problems and pitfalls.
Mikko is a long time user and contributor to the Yocto Project. He has helped develop several Yocto based products which are today rolling down the streets.