cve-update-db-native: use SQL placeholders instead of format strings

(From OE-Core rev: 91770338f76ef35f3c4eeac216eb9d2b3188e575) (From OE-Core rev: 075683d23018760e8b2fa0b793ceacd9027e55c3) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Ross Burton <ross.burton@intel.com> 2019-11-06 17:37:34 +0200
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2019-11-07 19:47:26 +0000
commit: 723bd744df2e9d87c6f115a98a0fbc3ea515c3ec (patch)
tree: 28fde0b155942ea4c880f3f8f2e3a48634d153d9
parent: be0549c677e3be922476b1b43e54765957efff43 (diff)
download: poky-723bd744df2e9d87c6f115a98a0fbc3ea515c3ec.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/meta/recipes-core/meta/cve-update-db-native.bb b/meta/recipes-core/meta/cve-update-db-native.bb
index ae8f1a958b..d60159bc2a 100644
--- a/meta/recipes-core/meta/cve-update-db-native.bb
+++ b/meta/recipes-core/meta/cve-update-db-native.bb
@@ -57,7 +57,7 @@ python do_populate_cve_db() {
            break
        # Compare with current db last modified date
-        c.execute("select DATE from META where YEAR = '%d'" % year)
+        c.execute("select DATE from META where YEAR = ?", (year,))
        meta = c.fetchone()
        if not meta or meta[0] != last_modified:
            # Update db with current year json file
author	Ross Burton <ross.burton@intel.com>	2019-11-06 17:37:34 +0200
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2019-11-07 19:47:26 +0000
commit	723bd744df2e9d87c6f115a98a0fbc3ea515c3ec (patch)
tree	28fde0b155942ea4c880f3f8f2e3a48634d153d9
parent	be0549c677e3be922476b1b43e54765957efff43 (diff)
download	poky-723bd744df2e9d87c6f115a98a0fbc3ea515c3ec.tar.gz

diff --git a/meta/recipes-core/meta/cve-update-db-native.bb b/meta/recipes-core/meta/cve-update-db-native.bb index ae8f1a958b..d60159bc2a 100644 --- a/meta/recipes-core/meta/cve-update-db-native.bb +++ b/meta/recipes-core/meta/cve-update-db-native.bb
@@ -57,7 +57,7 @@ python do_populate_cve_db() {
57	break	57	break
58		58
59	# Compare with current db last modified date	59	# Compare with current db last modified date
60	c.execute("select DATE from META where YEAR = '%d'" % year)	60	c.execute("select DATE from META where YEAR = ?", (year,))
61	meta = c.fetchone()	61	meta = c.fetchone()
62	if not meta or meta[0] != last_modified:	62	if not meta or meta[0] != last_modified:
63	# Update db with current year json file	63	# Update db with current year json file