[OE-core] [PATCH 1/6] cve-update-db-native: don't hardcode the database name
akuster808
akuster808 at gmail.com
Mon Nov 18 19:11:43 UTC 2019
On 11/18/19 8:46 AM, Ross Burton wrote:
> Don't hardcode the database filename, there's a variable for this in
> cve-check.bbclass.
>
> Signed-off-by: Ross Burton <ross.burton at intel.com>
do you recommend these being backported ?
- armin
> ---
> meta/recipes-core/meta/cve-update-db-native.bb | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/meta/recipes-core/meta/cve-update-db-native.bb b/meta/recipes-core/meta/cve-update-db-native.bb
> index 19875a49b1c..c15534de08b 100644
> --- a/meta/recipes-core/meta/cve-update-db-native.bb
> +++ b/meta/recipes-core/meta/cve-update-db-native.bb
> @@ -28,8 +28,8 @@ python do_populate_cve_db() {
> BASE_URL = "https://nvd.nist.gov/feeds/json/cve/1.0/nvdcve-1.0-"
> YEAR_START = 2002
>
> - db_dir = os.path.join(d.getVar("DL_DIR"), 'CVE_CHECK')
> - db_file = os.path.join(db_dir, 'nvdcve_1.0.db')
> + db_file = d.getVar("CVE_CHECK_DB_FILE")
> + db_dir = os.path.dirname(db_file)
> json_tmpfile = os.path.join(db_dir, 'nvd.json.gz')
>
> # Don't refresh the database more than once an hour
More information about the Openembedded-core
mailing list