trusted-firmware-a.mk: add PKG_CPE_ID

Vulnerabilities of Trusted Firmware A are tracked as
cpe:/a:arm:arm_trusted_firmware

Signed-off-by: Daniel Golle <[email protected]>

include/trusted-firmware-a.mk

@@ -1,4 +1,5 @@
 PKG_NAME ?= trusted-firmware-a
+PKG_CPE_ID ?= cpe:/a:arm:arm_trusted_firmware
 
 ifndef PKG_SOURCE_PROTO
 PKG_SOURCE = trusted-firmware-a-$(PKG_VERSION).tar.gz