diff options
Diffstat (limited to 'meta/recipes-core/meta/cve-update-db-native.bb')
-rw-r--r-- | meta/recipes-core/meta/cve-update-db-native.bb | 24 |
1 files changed, 18 insertions, 6 deletions
diff --git a/meta/recipes-core/meta/cve-update-db-native.bb b/meta/recipes-core/meta/cve-update-db-native.bb index 575254af40..0577a5ccac 100644 --- a/meta/recipes-core/meta/cve-update-db-native.bb +++ b/meta/recipes-core/meta/cve-update-db-native.bb | |||
@@ -13,8 +13,15 @@ deltask do_install | |||
13 | deltask do_populate_sysroot | 13 | deltask do_populate_sysroot |
14 | 14 | ||
15 | python () { | 15 | python () { |
16 | if not d.getVar("CVE_CHECK_DB_FILE"): | 16 | cve_check_db_file = d.getVar("CVE_CHECK_DB_FILE") |
17 | if not cve_check_db_file: | ||
17 | raise bb.parse.SkipRecipe("Skip recipe when cve-check class is not loaded.") | 18 | raise bb.parse.SkipRecipe("Skip recipe when cve-check class is not loaded.") |
19 | |||
20 | if os.path.exists("%s-journal" % cve_check_db_file ): | ||
21 | os.remove("%s-journal" % cve_check_db_file) | ||
22 | |||
23 | if os.path.exists(cve_check_db_file): | ||
24 | os.remove(cve_check_db_file) | ||
18 | } | 25 | } |
19 | 26 | ||
20 | python do_populate_cve_db() { | 27 | python do_populate_cve_db() { |
@@ -122,7 +129,7 @@ def parse_node_and_insert(c, node, cveId): | |||
122 | product = cpe23[4] | 129 | product = cpe23[4] |
123 | version = cpe23[5] | 130 | version = cpe23[5] |
124 | 131 | ||
125 | if version != '*': | 132 | if version != '*' and version != '-': |
126 | # Version is defined, this is a '=' match | 133 | # Version is defined, this is a '=' match |
127 | yield [cveId, vendor, product, version, '=', '', ''] | 134 | yield [cveId, vendor, product, version, '=', '', ''] |
128 | else: | 135 | else: |
@@ -160,15 +167,20 @@ def update_db(c, jsondata): | |||
160 | if not elt['impact']: | 167 | if not elt['impact']: |
161 | continue | 168 | continue |
162 | 169 | ||
170 | accessVector = None | ||
163 | cveId = elt['cve']['CVE_data_meta']['ID'] | 171 | cveId = elt['cve']['CVE_data_meta']['ID'] |
164 | cveDesc = elt['cve']['description']['description_data'][0]['value'] | 172 | cveDesc = elt['cve']['description']['description_data'][0]['value'] |
165 | date = elt['lastModifiedDate'] | 173 | date = elt['lastModifiedDate'] |
166 | accessVector = elt['impact']['baseMetricV2']['cvssV2']['accessVector'] | ||
167 | cvssv2 = elt['impact']['baseMetricV2']['cvssV2']['baseScore'] | ||
168 | |||
169 | try: | 174 | try: |
175 | accessVector = elt['impact']['baseMetricV2']['cvssV2']['accessVector'] | ||
176 | cvssv2 = elt['impact']['baseMetricV2']['cvssV2']['baseScore'] | ||
177 | except KeyError: | ||
178 | cvssv2 = 0.0 | ||
179 | try: | ||
180 | accessVector = accessVector or elt['impact']['baseMetricV3']['cvssV3']['attackVector'] | ||
170 | cvssv3 = elt['impact']['baseMetricV3']['cvssV3']['baseScore'] | 181 | cvssv3 = elt['impact']['baseMetricV3']['cvssV3']['baseScore'] |
171 | except: | 182 | except KeyError: |
183 | accessVector = accessVector or "UNKNOWN" | ||
172 | cvssv3 = 0.0 | 184 | cvssv3 = 0.0 |
173 | 185 | ||
174 | c.execute("insert or replace into NVD values (?, ?, ?, ?, ?, ?)", | 186 | c.execute("insert or replace into NVD values (?, ?, ?, ?, ?, ?)", |