1 files changed, 10 insertions, 8 deletions
diff --git a/meta/recipes-core/meta/cve-update-db-native.bb b/meta/recipes-core/meta/cve-update-db-native.bb
index a5d8e3210c..6907197044 100644
--- a/meta/recipes-core/meta/cve-update-db-native.bb
+++ b/meta/recipes-core/meta/cve-update-db-native.bb
@@ -17,7 +17,7 @@ python do_populate_cve_db() {
    Update NVD database with json data feed
    """
-    import sqlite3, urllib, shutil, gzip, re
+    import sqlite3, urllib, shutil, gzip
    from datetime import date
    BASE_URL = "https://nvd.nist.gov/feeds/json/cve/1.0/nvdcve-1.0-"
@@ -47,13 +47,15 @@ python do_populate_cve_db() {
        req = urllib.request.Request(meta_url)
        if proxy:
            req.set_proxy(proxy, 'https')
-        try:
+        with urllib.request.urlopen(req) as r:
-            with urllib.request.urlopen(req, timeout=1) as r:
+            for l in r.read().decode("utf-8").splitlines():
-                date_line = str(r.read().splitlines()[0])
+                key, value = l.split(":", 1)
-                last_modified = re.search('lastModifiedDate:(.*)', date_line).group(1)
+                if key == "lastModifiedDate":
-        except:
+                    last_modified = value
-            cve_f.write('Warning: CVE db update error, CVE data is outdated.\n\n')
+                    break
-            break
+            else:
+                bb.warn("Cannot parse CVE metadata, update failed")
+                return
        # Compare with current db last modified date
        c.execute("select DATE from META where YEAR = ?", (year,))

diff --git a/meta/recipes-core/meta/cve-update-db-native.bb b/meta/recipes-core/meta/cve-update-db-native.bb index a5d8e3210c..6907197044 100644 --- a/meta/recipes-core/meta/cve-update-db-native.bb +++ b/meta/recipes-core/meta/cve-update-db-native.bb
@@ -17,7 +17,7 @@ python do_populate_cve_db() {
17	Update NVD database with json data feed	17	Update NVD database with json data feed
18	"""	18	"""
19		19
20	import sqlite3, urllib, shutil, gzip, re	20	import sqlite3, urllib, shutil, gzip
21	from datetime import date	21	from datetime import date
22		22
23	BASE_URL = "https://nvd.nist.gov/feeds/json/cve/1.0/nvdcve-1.0-"	23	BASE_URL = "https://nvd.nist.gov/feeds/json/cve/1.0/nvdcve-1.0-"
@@ -47,13 +47,15 @@ python do_populate_cve_db() {
47	req = urllib.request.Request(meta_url)	47	req = urllib.request.Request(meta_url)
48	if proxy:	48	if proxy:
49	req.set_proxy(proxy, 'https')	49	req.set_proxy(proxy, 'https')
50	try:	50	with urllib.request.urlopen(req) as r:
51	with urllib.request.urlopen(req, timeout=1) as r:	51	for l in r.read().decode("utf-8").splitlines():
52	date_line = str(r.read().splitlines()[0])	52	key, value = l.split(":", 1)
53	last_modified = re.search('lastModifiedDate:(.*)', date_line).group(1)	53	if key == "lastModifiedDate":
54	except:	54	last_modified = value
55	cve_f.write('Warning: CVE db update error, CVE data is outdated.\n\n')	55	break
56	break	56	else:
		57	bb.warn("Cannot parse CVE metadata, update failed")
		58	return
57		59
58	# Compare with current db last modified date	60	# Compare with current db last modified date
59	c.execute("select DATE from META where YEAR = ?", (year,))	61	c.execute("select DATE from META where YEAR = ?", (year,))