CaROS/meta-openembedded
3
1
Fork 0
mirror of git://git.openembedded.org/meta-openembedded synced 2026-01-01 13:58:06 +00:00
Code Issues Packages Projects Releases Wiki Activity

fuse: set CVE_PRODUCT to "fuse_project:fuse"

Browse Source 
Other products like "RedHat:fuse" introduce false CVE findings like:

https://nvd.nist.gov/vuln/detail/CVE-2018-10906
https://nvd.nist.gov/vuln/detail/CVE-2019-14860
https://nvd.nist.gov/vuln/detail/CVE-2020-25689

Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
(cherry picked from commit fd7dc34871)
[Fixup for Dunfell context]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
This commit is contained in:
Mikko Rapeli 2021-01-15 12:50:48 +02:00 committed by Armin Kuster
parent c9e034fbaa
commit a1c7bb2098
2 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
meta-filesystems/recipes-support/fuse/fuse3_3.9.2.bb
View File

@ -22,6 +22,8 @@ UPSTREAM_CHECK_REGEX = "fuse\-(?P<pver>3(\.\d+)+).tar.xz"
inherit meson pkgconfig
CVE_PRODUCT = "fuse_project:fuse"
DEPENDS = "udev"
PACKAGES =+ "fuse3-utils"

2
meta-filesystems/recipes-support/fuse/fuse_2.9.9.bb
View File

@ -27,6 +27,8 @@ CVE_CHECK_WHITELIST += "CVE-2019-14860"
UPSTREAM_CHECK_URI = "https://github.com/libfuse/libfuse/releases"
UPSTREAM_CHECK_REGEX = "fuse\-(?P<pver>2(\.\d+)+).tar.gz"
CVE_PRODUCT = "fuse_project:fuse"
inherit autotools pkgconfig update-rc.d systemd
INITSCRIPT_NAME = "fuse"