cve-update-db-native: avoid incomplete updates - linux/poky.git

diff options

author	Marta Rybczynska <rybczynska@gmail.com>	2023-01-03 15:03:59 +0100
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2023-01-26 23:37:05 +0000
commit	876ff613887181d0665a5c4ba809a3d9c9ae19a5 (patch)
tree	0c6c95384fb7d70f179a51f33b79848fa12b7201 /scripts/lib/devtool/runqemu.py
parent	bba70ce34115151362bfdc49a545ee708eb297ca (diff)
download	poky-876ff613887181d0665a5c4ba809a3d9c9ae19a5.tar.gz

cve-update-db-native: avoid incomplete updates

The database update has been done on the original file. In case of network connection issues, temporary outage of the NVD server or a similar situation, the function could exit with incomplete data in the database. This patch solves the issue by performing the update on a copy of the database. It replaces the main one only if the whole update was successful. See https://bugzilla.yoctoproject.org/show_bug.cgi?id=14929 Reported-by: Alberto Pianon <alberto@pianon.eu> (From OE-Core rev: 878988a67b488a01f53658bcc528b5d0422672ae) Signed-off-by: Marta Rybczynska <marta.rybczynska@linaro.org> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 8efe99214d8b005f0ecac690ce5ba17b31758f92) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'scripts/lib/devtool/runqemu.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: