diff options
Diffstat (limited to 'meta/recipes-core/meta/cve-update-db-native.bb')
| -rw-r--r-- | meta/recipes-core/meta/cve-update-db-native.bb | 24 |
1 files changed, 18 insertions, 6 deletions
diff --git a/meta/recipes-core/meta/cve-update-db-native.bb b/meta/recipes-core/meta/cve-update-db-native.bb index 575254af40..0577a5ccac 100644 --- a/meta/recipes-core/meta/cve-update-db-native.bb +++ b/meta/recipes-core/meta/cve-update-db-native.bb | |||
| @@ -13,8 +13,15 @@ deltask do_install | |||
| 13 | deltask do_populate_sysroot | 13 | deltask do_populate_sysroot |
| 14 | 14 | ||
| 15 | python () { | 15 | python () { |
| 16 | if not d.getVar("CVE_CHECK_DB_FILE"): | 16 | cve_check_db_file = d.getVar("CVE_CHECK_DB_FILE") |
| 17 | if not cve_check_db_file: | ||
| 17 | raise bb.parse.SkipRecipe("Skip recipe when cve-check class is not loaded.") | 18 | raise bb.parse.SkipRecipe("Skip recipe when cve-check class is not loaded.") |
| 19 | |||
| 20 | if os.path.exists("%s-journal" % cve_check_db_file ): | ||
| 21 | os.remove("%s-journal" % cve_check_db_file) | ||
| 22 | |||
| 23 | if os.path.exists(cve_check_db_file): | ||
| 24 | os.remove(cve_check_db_file) | ||
| 18 | } | 25 | } |
| 19 | 26 | ||
| 20 | python do_populate_cve_db() { | 27 | python do_populate_cve_db() { |
| @@ -122,7 +129,7 @@ def parse_node_and_insert(c, node, cveId): | |||
| 122 | product = cpe23[4] | 129 | product = cpe23[4] |
| 123 | version = cpe23[5] | 130 | version = cpe23[5] |
| 124 | 131 | ||
| 125 | if version != '*': | 132 | if version != '*' and version != '-': |
| 126 | # Version is defined, this is a '=' match | 133 | # Version is defined, this is a '=' match |
| 127 | yield [cveId, vendor, product, version, '=', '', ''] | 134 | yield [cveId, vendor, product, version, '=', '', ''] |
| 128 | else: | 135 | else: |
| @@ -160,15 +167,20 @@ def update_db(c, jsondata): | |||
| 160 | if not elt['impact']: | 167 | if not elt['impact']: |
| 161 | continue | 168 | continue |
| 162 | 169 | ||
| 170 | accessVector = None | ||
| 163 | cveId = elt['cve']['CVE_data_meta']['ID'] | 171 | cveId = elt['cve']['CVE_data_meta']['ID'] |
| 164 | cveDesc = elt['cve']['description']['description_data'][0]['value'] | 172 | cveDesc = elt['cve']['description']['description_data'][0]['value'] |
| 165 | date = elt['lastModifiedDate'] | 173 | date = elt['lastModifiedDate'] |
| 166 | accessVector = elt['impact']['baseMetricV2']['cvssV2']['accessVector'] | ||
| 167 | cvssv2 = elt['impact']['baseMetricV2']['cvssV2']['baseScore'] | ||
| 168 | |||
| 169 | try: | 174 | try: |
| 175 | accessVector = elt['impact']['baseMetricV2']['cvssV2']['accessVector'] | ||
| 176 | cvssv2 = elt['impact']['baseMetricV2']['cvssV2']['baseScore'] | ||
| 177 | except KeyError: | ||
| 178 | cvssv2 = 0.0 | ||
| 179 | try: | ||
| 180 | accessVector = accessVector or elt['impact']['baseMetricV3']['cvssV3']['attackVector'] | ||
| 170 | cvssv3 = elt['impact']['baseMetricV3']['cvssV3']['baseScore'] | 181 | cvssv3 = elt['impact']['baseMetricV3']['cvssV3']['baseScore'] |
| 171 | except: | 182 | except KeyError: |
| 183 | accessVector = accessVector or "UNKNOWN" | ||
| 172 | cvssv3 = 0.0 | 184 | cvssv3 = 0.0 |
| 173 | 185 | ||
| 174 | c.execute("insert or replace into NVD values (?, ?, ?, ?, ?, ?)", | 186 | c.execute("insert or replace into NVD values (?, ?, ?, ?, ?, ?)", |