Message ID | 20240926104909.29841-1-s-tokumoto@fujitsu.com |
---|---|
State | Accepted |
Headers | show |
Series | [meta-oe] fuse: Add "fuse:fuse" to CVE_PRODUCT | expand |
diff --git a/meta-filesystems/recipes-support/fuse/fuse_2.9.9.bb b/meta-filesystems/recipes-support/fuse/fuse_2.9.9.bb index 6f613e9cd..fca7d42b3 100644 --- a/meta-filesystems/recipes-support/fuse/fuse_2.9.9.bb +++ b/meta-filesystems/recipes-support/fuse/fuse_2.9.9.bb @@ -23,7 +23,7 @@ SRC_URI[sha256sum] = "d0e69d5d608cc22ff4843791ad097f554dd32540ddc9bed7638cc6fea7 UPSTREAM_CHECK_URI = "https://github.com/libfuse/libfuse/releases" UPSTREAM_CHECK_REGEX = "fuse\-(?P<pver>2(\.\d+)+).tar.gz" -CVE_PRODUCT = "fuse_project:fuse" +CVE_PRODUCT = "fuse_project:fuse fuse:fuse" inherit autotools pkgconfig update-rc.d systemd
Since there are vulnerabilities that cannot be detected by the existing CVE_PRODUCT, add "fuse:fuse" to CVE_PRODUCT. https://nvd.nist.gov/vuln/detail/CVE-2010-0789 https://nvd.nist.gov/vuln/detail/CVE-2005-1858 Signed-off-by: Shunsuke Tokumoto <s-tokumoto@fujitsu.com> --- meta-filesystems/recipes-support/fuse/fuse_2.9.9.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)