
Special/dual licenses are not caught by scanning tooling

Background

The Apertis scanning tools try to get the license and copyright information for all the packages in order to enforce Apertis policies. However, this process is not perfect and sometimes they cannot guess the right one.

As an example, pkg/gnutls28!45 (merged) discusses the issue with libunistring, which has the dual license "L#3 (closed) and GPL-2", which our tooling gets as LGPL-3.

Reproducibility

How often the issue is hit when repeating the steps to reproduce and changing nothing?

Put the in the most appropriate entry:

  1. always
  2. often, but not always
  3. rarely

Impact of bug

How severe is the bug? Does it render an image unbootable? Is it a security issue? Does it prevent specific applications from working? What is the impact? Does this bug affect a critical component? Does it cause something else to not work? How often is the bug likely to be found by a user? For example, every boot or once per year?

Outcomes

TBD

Management data

This section is for management only; it should be the last one in the description.

/cc @em @balasubramanian @sudarshan @wlozano

Phabricator link: https://phabricator.apertis.org/T10979

Edited by Apertis CI robot