cve-update-db-native: update the CVE database once a day only

The update of the NVD database was expected to happen once per hour. However, the database file date changes only if the content was actually updated. In practice, the check worked for the first hour after the new download. As the NVD database changes usually only once a day, we can just update it less frequently. (From OE-Core rev: 27b1cb83ec666cc91930f2a7b5a6282fde77c730) Signed-off-by: Marta Rybczynska <marta.rybczynska@huawei.com> Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 35bccdedadeaba820d58b69fe74ce5e4c1f577e3) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2026-04-18 12:32:12 +02:00 · 2022-05-02 16:25:35 +02:00
parent e163bed574
commit fc56536e8a
1 changed files with 2 additions and 2 deletions
--- a/meta/recipes-core/meta/cve-update-db-native.bb
+++ b/meta/recipes-core/meta/cve-update-db-native.bb
@@ -43,10 +43,10 @@ python do_fetch() {
        if os.path.exists(db_file):
            os.remove(db_file)

-    # Don't refresh the database more than once an hour
+    # The NVD database changes once a day, so no need to update more frequently
    try:
        import time
-        if time.time() - os.path.getmtime(db_file) < (60*60):
+        if time.time() - os.path.getmtime(db_file) < (24*60*60):
            bb.debug(2, "Recently updated, skipping")
            return
    except OSError: