You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We should see if we can obtain pURLs needed for gcc etc. in order to link it back to be able to look up CVEs related to the product version. The investigation will need to identify where that information is stored for each project. Also can we obtain SBoMs for the dependencies which have been identified and catalogued in the SBoM?
Part of SSDF PS4.1
The text was updated successfully, but these errors were encountered:
sxa
added
the
enhancement
Issues that enhance the code or documentation of the repo in any way
label
Sep 30, 2024
From discussion in the secure dev call:
We should see if we can obtain pURLs needed for gcc etc. in order to link it back to be able to look up CVEs related to the product version. The investigation will need to identify where that information is stored for each project. Also can we obtain SBoMs for the dependencies which have been identified and catalogued in the SBoM?
Part of SSDF PS4.1
The text was updated successfully, but these errors were encountered: