1 files changed, 10 insertions, 8 deletions
diff --git a/meta/recipes-core/meta/cve-update-db-native.bb b/meta/recipes-core/meta/cve-update-db-native.bb
index 09e19c0aae..41a2aa8f20 100644
--- a/meta/recipes-core/meta/cve-update-db-native.bb
+++ b/meta/recipes-core/meta/cve-update-db-native.bb
@@ -22,7 +22,7 @@ python do_populate_cve_db() {
    Update NVD database with json data feed
    """
-    import sqlite3, urllib, shutil, gzip, re
+    import sqlite3, urllib, shutil, gzip
    from datetime import date
    BASE_URL = "https://nvd.nist.gov/feeds/json/cve/1.0/nvdcve-1.0-"
@@ -52,13 +52,15 @@ python do_populate_cve_db() {
        req = urllib.request.Request(meta_url)
        if proxy:
            req.set_proxy(proxy, 'https')
-        try:
+        with urllib.request.urlopen(req) as r:
-            with urllib.request.urlopen(req, timeout=1) as r:
+            for l in r.read().decode("utf-8").splitlines():
-                date_line = str(r.read().splitlines()[0])
+                key, value = l.split(":", 1)
-                last_modified = re.search('lastModifiedDate:(.*)', date_line).group(1)
+                if key == "lastModifiedDate":
-        except:
+                    last_modified = value
-            cve_f.write('Warning: CVE db update error, CVE data is outdated.\n\n')
+                    break
-            break
+            else:
+                bb.warn("Cannot parse CVE metadata, update failed")
+                return
        # Compare with current db last modified date
        c.execute("select DATE from META where YEAR = ?", (year,))

diff --git a/meta/recipes-core/meta/cve-update-db-native.bb b/meta/recipes-core/meta/cve-update-db-native.bb index 09e19c0aae..41a2aa8f20 100644 --- a/meta/recipes-core/meta/cve-update-db-native.bb +++ b/meta/recipes-core/meta/cve-update-db-native.bb
@@ -22,7 +22,7 @@ python do_populate_cve_db() {
22	Update NVD database with json data feed	22	Update NVD database with json data feed
23	"""	23	"""
24		24
25	import sqlite3, urllib, shutil, gzip, re	25	import sqlite3, urllib, shutil, gzip
26	from datetime import date	26	from datetime import date
27		27
28	BASE_URL = "https://nvd.nist.gov/feeds/json/cve/1.0/nvdcve-1.0-"	28	BASE_URL = "https://nvd.nist.gov/feeds/json/cve/1.0/nvdcve-1.0-"
@@ -52,13 +52,15 @@ python do_populate_cve_db() {
52	req = urllib.request.Request(meta_url)	52	req = urllib.request.Request(meta_url)
53	if proxy:	53	if proxy:
54	req.set_proxy(proxy, 'https')	54	req.set_proxy(proxy, 'https')
55	try:	55	with urllib.request.urlopen(req) as r:
56	with urllib.request.urlopen(req, timeout=1) as r:	56	for l in r.read().decode("utf-8").splitlines():
57	date_line = str(r.read().splitlines()[0])	57	key, value = l.split(":", 1)
58	last_modified = re.search('lastModifiedDate:(.*)', date_line).group(1)	58	if key == "lastModifiedDate":
59	except:	59	last_modified = value
60	cve_f.write('Warning: CVE db update error, CVE data is outdated.\n\n')	60	break
61	break	61	else:
		62	bb.warn("Cannot parse CVE metadata, update failed")
		63	return
62		64
63	# Compare with current db last modified date	65	# Compare with current db last modified date
64	c.execute("select DATE from META where YEAR = ?", (year,))	66	c.execute("select DATE from META where YEAR = ?", (year,))