flex: set CVE_PRODUCT to include vendor

There are many projects called Flex and they have CVEs, so also set the vendor
to remove these false positives.

Signed-off-by: Ross Burton <ross.burton@intel.com>

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

0 files changed, 0 insertions, 0 deletions