From a1c7bb2098709f3be0f2057437e8e451c9c3a2ae Mon Sep 17 00:00:00 2001
From: Mikko Rapeli <mikko.rapeli@bmw.de>
Date: Fri, 15 Jan 2021 12:50:48 +0200
Subject: fuse: set CVE_PRODUCT to "fuse_project:fuse"

Other products like "RedHat:fuse" introduce false CVE findings like:

https://nvd.nist.gov/vuln/detail/CVE-2018-10906
https://nvd.nist.gov/vuln/detail/CVE-2019-14860
https://nvd.nist.gov/vuln/detail/CVE-2020-25689

Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
(cherry picked from commit fd7dc3487134aae50382c651996077ee1d109060)
[Fixup for Dunfell context]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 meta-filesystems/recipes-support/fuse/fuse3_3.9.2.bb | 2 ++
 meta-filesystems/recipes-support/fuse/fuse_2.9.9.bb  | 2 ++
 2 files changed, 4 insertions(+)

diff --git a/meta-filesystems/recipes-support/fuse/fuse3_3.9.2.bb b/meta-filesystems/recipes-support/fuse/fuse3_3.9.2.bb
index 24b17fc93b..dc9132a82e 100644
--- a/meta-filesystems/recipes-support/fuse/fuse3_3.9.2.bb
+++ b/meta-filesystems/recipes-support/fuse/fuse3_3.9.2.bb
@@ -22,6 +22,8 @@ UPSTREAM_CHECK_REGEX = "fuse\-(?P<pver>3(\.\d+)+).tar.xz"
 
 inherit meson pkgconfig
 
+CVE_PRODUCT = "fuse_project:fuse"
+
 DEPENDS = "udev"
 
 PACKAGES =+ "fuse3-utils"
diff --git a/meta-filesystems/recipes-support/fuse/fuse_2.9.9.bb b/meta-filesystems/recipes-support/fuse/fuse_2.9.9.bb
index 49682b3cd4..4ec1213519 100644
--- a/meta-filesystems/recipes-support/fuse/fuse_2.9.9.bb
+++ b/meta-filesystems/recipes-support/fuse/fuse_2.9.9.bb
@@ -27,6 +27,8 @@ CVE_CHECK_WHITELIST += "CVE-2019-14860"
 UPSTREAM_CHECK_URI = "https://github.com/libfuse/libfuse/releases"
 UPSTREAM_CHECK_REGEX = "fuse\-(?P<pver>2(\.\d+)+).tar.gz"
 
+CVE_PRODUCT = "fuse_project:fuse"
+
 inherit autotools pkgconfig update-rc.d systemd
 
 INITSCRIPT_NAME = "fuse"
-- 
cgit 1.2.3-korg