Other products like "RedHat:fuse" introduce false CVE findings like:
https://nvd.nist.gov/vuln/detail/CVE-2018-10906 https://nvd.nist.gov/vuln/detail/CVE-2019-14860 https://nvd.nist.gov/vuln/detail/CVE-2020-25689 Signed-off-by: Mikko Rapeli <[email protected]> --- meta-filesystems/recipes-support/fuse/fuse3_3.9.3.bb | 2 ++ meta-filesystems/recipes-support/fuse/fuse_2.9.9.bb | 2 ++ 2 files changed, 4 insertions(+) diff --git a/meta-filesystems/recipes-support/fuse/fuse3_3.9.3.bb b/meta-filesystems/recipes-support/fuse/fuse3_3.9.3.bb index 8ef9ee12c..e80b3f553 100644 --- a/meta-filesystems/recipes-support/fuse/fuse3_3.9.3.bb +++ b/meta-filesystems/recipes-support/fuse/fuse3_3.9.3.bb @@ -20,6 +20,8 @@ S = "${WORKDIR}/fuse-${PV}" UPSTREAM_CHECK_URI = "https://github.com/libfuse/libfuse/releases"; UPSTREAM_CHECK_REGEX = "fuse\-(?P<pver>3(\.\d+)+).tar.xz" +CVE_PRODUCT = "fuse_project:fuse" + inherit meson pkgconfig ptest SRC_URI += " \ diff --git a/meta-filesystems/recipes-support/fuse/fuse_2.9.9.bb b/meta-filesystems/recipes-support/fuse/fuse_2.9.9.bb index 95e870691..2c272d452 100644 --- a/meta-filesystems/recipes-support/fuse/fuse_2.9.9.bb +++ b/meta-filesystems/recipes-support/fuse/fuse_2.9.9.bb @@ -22,6 +22,8 @@ SRC_URI[sha256sum] = "d0e69d5d608cc22ff4843791ad097f554dd32540ddc9bed7638cc6fea7 UPSTREAM_CHECK_URI = "https://github.com/libfuse/libfuse/releases"; UPSTREAM_CHECK_REGEX = "fuse\-(?P<pver>2(\.\d+)+).tar.gz" +CVE_PRODUCT = "fuse_project:fuse" + inherit autotools pkgconfig update-rc.d systemd INITSCRIPT_NAME = "fuse" -- 2.20.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#88784): https://lists.openembedded.org/g/openembedded-devel/message/88784 Mute This Topic: https://lists.openembedded.org/mt/79698893/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
