cve-update-db-native: skip on empty cpe23Uri - linux/poky.git

diff options

author	Konrad Weihmann <kweihmann@outlook.com>	2021-04-22 18:48:27 +0200
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2021-04-30 14:37:32 +0100
commit	4c9d9b798592657bca310af87392dadf87742998 (patch)
tree	82c9d0273596dde96606ed4ce50849fcb3799e75 /meta/recipes-kernel/linux/linux-yocto_5.4.bb
parent	008f22924921fb46cb38c0c2f8a85f79289bf7bb (diff)
download	poky-4c9d9b798592657bca310af87392dadf87742998.tar.gz

cve-update-db-native: skip on empty cpe23Uri

Recently an entry in the NVD DB appeared that looks like that {'vulnerable': True, 'cpe_name': []}. As besides all the vulnerable flag no data is present we would get a KeyError exception on acccess. Use get method on dictionary and return if no meta data is present Also quit if the length of the array after splitting is less than 6 (From OE-Core rev: e9776c55cf251fc884ac3ce4fd6c96769b1d17ff) Signed-off-by: Konrad Weihmann <kweihmann@outlook.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 00ce2796d97de2bc376b038d0ea7969088791d34) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'meta/recipes-kernel/linux/linux-yocto_5.4.bb')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: