[OE-core] [PATCH 3/3] cve-update-db-native: use SQL placeholders instead of format strings
Ross Burton
ross.burton at intel.com
Wed Jul 17 10:45:38 UTC 2019
Signed-off-by: Ross Burton <ross.burton at intel.com>
---
meta/recipes-core/meta/cve-update-db-native.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/recipes-core/meta/cve-update-db-native.bb b/meta/recipes-core/meta/cve-update-db-native.bb
index e16c41a72fd..72d1f48835b 100644
--- a/meta/recipes-core/meta/cve-update-db-native.bb
+++ b/meta/recipes-core/meta/cve-update-db-native.bb
@@ -62,7 +62,7 @@ python do_populate_cve_db() {
break
# Compare with current db last modified date
- c.execute("select DATE from META where YEAR = '%d'" % year)
+ c.execute("select DATE from META where YEAR = ?", (year,))
meta = c.fetchone()
if not meta or meta[0] != last_modified:
# Update db with current year json file
--
2.20.1
More information about the Openembedded-core
mailing list