Other products like "RedHat:fuse" introduce false CVE findings like:
https://nvd.nist.gov/vuln/detail/CVE-2018-10906 https://nvd.nist.gov/vuln/detail/CVE-2019-14860 https://nvd.nist.gov/vuln/detail/CVE-2020-25689 Signed-off-by: Mikko Rapeli <mikko.rap...@bmw.de> --- meta-filesystems/recipes-support/fuse/fuse3_3.10.1.bb | 2 ++ meta-filesystems/recipes-support/fuse/fuse_2.9.9.bb | 2 ++ 2 files changed, 4 insertions(+) diff --git a/meta-filesystems/recipes-support/fuse/fuse3_3.10.1.bb b/meta-filesystems/recipes-support/fuse/fuse3_3.10.1.bb index 80ce02872..49d6c15da 100644 --- a/meta-filesystems/recipes-support/fuse/fuse3_3.10.1.bb +++ b/meta-filesystems/recipes-support/fuse/fuse3_3.10.1.bb @@ -20,6 +20,8 @@ S = "${WORKDIR}/fuse-${PV}" UPSTREAM_CHECK_URI = "https://github.com/libfuse/libfuse/releases"; UPSTREAM_CHECK_REGEX = "fuse\-(?P<pver>3(\.\d+)+).tar.xz" +CVE_PRODUCT = "fuse_project:fuse" + inherit meson pkgconfig ptest SRC_URI += " \ diff --git a/meta-filesystems/recipes-support/fuse/fuse_2.9.9.bb b/meta-filesystems/recipes-support/fuse/fuse_2.9.9.bb index 95e870691..2c272d452 100644 --- a/meta-filesystems/recipes-support/fuse/fuse_2.9.9.bb +++ b/meta-filesystems/recipes-support/fuse/fuse_2.9.9.bb @@ -22,6 +22,8 @@ SRC_URI[sha256sum] = "d0e69d5d608cc22ff4843791ad097f554dd32540ddc9bed7638cc6fea7 UPSTREAM_CHECK_URI = "https://github.com/libfuse/libfuse/releases"; UPSTREAM_CHECK_REGEX = "fuse\-(?P<pver>2(\.\d+)+).tar.gz" +CVE_PRODUCT = "fuse_project:fuse" + inherit autotools pkgconfig update-rc.d systemd INITSCRIPT_NAME = "fuse" -- 2.20.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#88785): https://lists.openembedded.org/g/openembedded-devel/message/88785 Mute This Topic: https://lists.openembedded.org/mt/79698895/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
