Skip to content

Releases: Ericsson/yocto-security-tools

Release list

v1.0.1

Choose a tag to compare

@danielturull danielturull released this 03 Jul 14:46
66e179a

What's Changed

New Contributors

  • @github-actions[bot] made their first contribution in #27

Full Changelog: v1.0.0...v1.0.1

v1.0.0

Choose a tag to compare

@danielturull danielturull released this 02 Jul 07:13
8c270b9

yocto-security-tools v1.0.0

Initial release of standalone CVE management tools for Yocto/OpenEmbedded.

Tools

  • cve-metadata-extractor — Find fix commits from multiple public sources (Debian, OSV, CVEList V5, Ubuntu)
  • cve-corrector — Automate CVE backporting to Yocto recipes via devtool
  • cve-agent — AI-assisted conflict resolution for CVE backports

Highlights

  • Plugin system for custom CVE sources and AI backends (drop .py files in extra/)
  • XDG Base Directory compliant storage
  • Minimal dependencies: only requests and packaging
  • Python 3.10+ supported

Install

pip install yocto-security-tools

Documentation

See README.md (https://github.com/Ericsson/yocto-security-tools/blob/main/README.md) for usage and CONTRIBUTING.md
(https://github.com/Ericsson/yocto-security-tools/blob/main/CONTRIBUTING.md) for development guidelines.