summaryrefslogtreecommitdiffstats
path: root/meta/classes/grub-efi-cfg.bbclass
diff options
context:
space:
mode:
authorRoss Burton <ross.burton@intel.com>2019-11-18 16:46:47 +0000
committerRichard Purdie <richard.purdie@linuxfoundation.org>2019-11-21 23:08:20 +0000
commit7f9cfa0d65c75c9d15e86c4a8cef85f8c85c5986 (patch)
treee0eb74d779fd7878dd73329ddbeca7a4edd496b3 /meta/classes/grub-efi-cfg.bbclass
parent7ebc5b61ffc5039204ecb57215821e46fac2a641 (diff)
downloadpoky-7f9cfa0d65c75c9d15e86c4a8cef85f8c85c5986.tar.gz
cve-check: fetch CVE data once at a time instead of in a single call
This code used to construct a single SQL statement that fetched the NVD data for every CVE requested. For recipes such as the kernel where there are over 2000 CVEs to report this can hit the variable count limit and the query fails with "sqlite3.OperationalError: too many SQL variables". The default limit is 999 variables, but some distributions such as Debian set the default to 250000. As the NVD table has an index on the ID column, whilst requesting the data CVE-by-CVE is five times slower when working with 2000 CVEs the absolute time different is insignificant: 0.05s verses 0.01s on my machine. (From OE-Core rev: 53d0cc1e9b7190fa66d7ff1c59518f91b0128d99) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/classes/grub-efi-cfg.bbclass')
0 files changed, 0 insertions, 0 deletions