cve-update-nvd2-native: use exact times, don't truncate

When requesting updates in a specific range, use the actual current time and database mtime instead of truncating to midnight, and explicitly set the timezone to UTC so that NIST don't treat the timestamps as _their_ local time when they're _our_ local time. (From OE-Core rev: 9aa0ec37f5f74252588d2494a71c71a7d8e68df9) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2026-04-17 09:32:12 +02:00 · 2023-06-23 13:32:50 +01:00
parent 9eadf45934
commit 49eddee652
1 changed files with 2 additions and 2 deletions
--- a/meta/recipes-core/meta/cve-update-nvd2-native.bb
+++ b/meta/recipes-core/meta/cve-update-nvd2-native.bb
@@ -172,8 +172,8 @@ def update_db_file(db_tmp_file, d, database_time):
    # The maximum range for time is 120 days
    # Force a complete update if our range is longer
    if (database_time != 0):
-        database_date = datetime.datetime.combine(datetime.date.fromtimestamp(database_time), datetime.time())
-        today_date = datetime.datetime.combine(datetime.date.today(), datetime.time())
+        database_date = datetime.datetime.fromtimestamp(database_time, tz=datetime.timezone.utc)
+        today_date = datetime.datetime.now(tz=datetime.timezone.utc)
        delta = today_date - database_date
        if delta.days < 120:
            bb.debug(2, "CVE database: performing partial update")