[oe-commits] [openembedded-core] 21/49: cve-update-db-native: use SQL placeholders instead of format strings

Wed Nov 6 20:45:08 UTC 2019

This is an automated email from the git hooks/post-receive script.

rpurdie pushed a commit to branch sumo-next
in repository openembedded-core.

commit 075683d23018760e8b2fa0b793ceacd9027e55c3
Author: Ross Burton <ross.burton at intel.com>
AuthorDate: Wed Nov 6 17:37:34 2019 +0200

    cve-update-db-native: use SQL placeholders instead of format strings
    
    (From OE-Core rev: 91770338f76ef35f3c4eeac216eb9d2b3188e575)
    
    Signed-off-by: Ross Burton <ross.burton at intel.com>
    Signed-off-by: Richard Purdie <richard.purdie at linuxfoundation.org>
---
 meta/recipes-core/meta/cve-update-db-native.bb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-core/meta/cve-update-db-native.bb b/meta/recipes-core/meta/cve-update-db-native.bb
index ae8f1a9..d60159b 100644
--- a/meta/recipes-core/meta/cve-update-db-native.bb
+++ b/meta/recipes-core/meta/cve-update-db-native.bb
@@ -57,7 +57,7 @@ python do_populate_cve_db() {
             break
 
         # Compare with current db last modified date
-        c.execute("select DATE from META where YEAR = '%d'" % year)
+        c.execute("select DATE from META where YEAR = ?", (year,))
         meta = c.fetchone()
         if not meta or meta[0] != last_modified:
             # Update db with current year json file

-- 
To stop receiving notification emails like this one, please contact
the administrator of this repository.
