diff options
-rw-r--r-- | meta/recipes-core/meta/cve-update-nvd2-native.bb | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/meta/recipes-core/meta/cve-update-nvd2-native.bb b/meta/recipes-core/meta/cve-update-nvd2-native.bb index a703b68aac..0044529b7d 100644 --- a/meta/recipes-core/meta/cve-update-nvd2-native.bb +++ b/meta/recipes-core/meta/cve-update-nvd2-native.bb | |||
@@ -352,6 +352,10 @@ def update_db(conn, elt): | |||
352 | [cveId, cveDesc, cvssv2, cvssv3, date, accessVector]).close() | 352 | [cveId, cveDesc, cvssv2, cvssv3, date, accessVector]).close() |
353 | 353 | ||
354 | try: | 354 | try: |
355 | # Remove any pre-existing CVE configuration. Even for partial database | ||
356 | # update, those will be repopulated. This ensures that old | ||
357 | # configuration is not kept for an updated CVE. | ||
358 | conn.execute("delete from PRODUCTS where ID = ?", [cveId]).close() | ||
355 | for config in elt['cve']['configurations']: | 359 | for config in elt['cve']['configurations']: |
356 | # This is suboptimal as it doesn't handle AND/OR and negate, but is better than nothing | 360 | # This is suboptimal as it doesn't handle AND/OR and negate, but is better than nothing |
357 | for node in config["nodes"]: | 361 | for node in config["nodes"]: |