The latest Long Term Support (LTS) version of Yocto was released last month with the code name “Scarthgap” – presumably named after a mountain pass in the Lake District national park. It promises 4 years of support, meaning regular point releases with security and bug fixes. In the context of increasing regulatory requirements for cyber …
Tag: CVE
Yocto Security Hardening: Security Flags
In our internet connected world, which relies on a growing volume of software – it’s crucial that new products are created with security in mind. Yet much of the software we create or depend on is written with memory-unsafe languages such as C and C++ – It’s a worrying fact given that 70% of all …
Yocto Security Hardening: CVEs
The volume and complexity of the software running in embedded devices is not only astonishing but ever increasing – yet each additional line of code has the potential to introduce a security vulnerability. An attacker may only need to exploit one single vulnerability for a bad outcome to occur. Therefore the obvious way to reduce …