Detecting and fixing CVE security issues in yocto based embedded Linux distribution
11-30, 13:05–13:35 (UTC), Langdale

How to use yoct CVE checker to find security vulnerabilities in your product? How to apply fixes for the detected CVE security issues? What are the common problems in that work?

One of the best practices in making high quality SW project is to detect and apply security fixes for CVE security issues. Based on years of experience in this work, I will show how yocto CVE scanning tooling works, what are the inputs and outputs, how to apply fixes and what are the common problems and pitfalls.

See also: Presentation slides (686.7 KB)

Mikko is a long time user and contributor to the Yocto Project. He has helped develop several Yocto based products which are today rolling down the streets.