[gnome-continuous-yocto/gnomeostree-3.28-rocko: 3658/8267] cve-check: allow recipes to override the product name

[Emmanuele Bassi <ebassi src gnome org>]

commit 058891183e7669ce5c939c2c9a4b5422d5fa2956
Author: Ross Burton <ross burton intel com>
Date:   Wed Dec 7 11:25:53 2016 +0000

    cve-check: allow recipes to override the product name
    
    Add a new variable CVE_PRODUCT for the product name to look up in the NVD
    database.  Default this to BPN, but allow recipes such as tiff (which is libtiff
    in NVD) to override it.
    
    (From OE-Core rev: ba330051570a4c991885ee726cb187e0c911bd4f)
    
    Signed-off-by: Ross Burton <ross burton intel com>
    Signed-off-by: Richard Purdie <richard purdie linuxfoundation org>

 meta/classes/cve-check.bbclass |    6 +++++-
 1 files changed, 5 insertions(+), 1 deletions(-)
---
diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass
index b0febfb..75b8fa9 100644
--- a/meta/classes/cve-check.bbclass
+++ b/meta/classes/cve-check.bbclass
@@ -20,6 +20,10 @@
 # the only method to check against CVEs. Running this tool
 # doesn't guarantee your packages are free of CVEs.
 
+# The product name that the CVE database uses.  Defaults to BPN, but may need to
+# be overriden per recipe (for example tiff.bb sets CVE_PRODUCT=libtiff).
+CVE_PRODUCT ?= "${BPN}"
+
 CVE_CHECK_DB_DIR ?= "${DL_DIR}/CVE_CHECK"
 CVE_CHECK_DB_FILE ?= "${CVE_CHECK_DB_DIR}/nvd.db"
 
@@ -144,7 +148,7 @@ def check_cves(d, patched_cves):
 
     cves_patched = []
     cves_unpatched = []
-    bpn = d.getVar("BPN", True)
+    bpn = d.getVar("CVE_PRODUCT")
     pv = d.getVar("PV", True).split("git+")[0]
     cves = " ".join(patched_cves)
     cve_db_dir = d.getVar("CVE_CHECK_DB_DIR", True)