mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-04-30 12:32:12 +02:00
Code Issues Packages Projects Releases Wiki Activity

cve-update-db: Catch request.urlopen errors.

Browse Source 
If the NVD url is not accessible, print a warning on top of the CVE
report, and continue. The database will not be fully updated, but
cve_check can still run on the previous database.

(From OE-Core rev: 0325dd72714f0b447558084f481b77f0ec850eed)

Signed-off-by: Pierre Le Magourou <pierre.lemagourou@softbankrobotics.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Pierre Le Magourou
2019-07-03 11:35:06 +02:00
committed by Richard Purdie
parent a61354e965
commit 4a68a44f56
2 changed files with 24 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
meta/classes/cve-check.bbclass
View File

@@ -51,14 +51,15 @@ python do_cve_check () {
Check recipe for patched and unpatched CVEs
"""
if os.path.exists(d.getVar("CVE_CHECK_TMP_FILE")):
if os.path.exists(d.getVar("CVE_CHECK_DB_FILE")):
patched_cves = get_patches_cves(d)
patched, unpatched = check_cves(d, patched_cves)
if patched or unpatched:
cve_data = get_cve_info(d, patched + unpatched)
cve_write_data(d, patched, unpatched, cve_data)
else:
bb.note("Failed to update CVE database, skipping CVE check")
bb.note("No CVE database found, skipping CVE check")
}
addtask cve_check after do_unpack before do_build