From 075d712b289d1749c3199bc2604164b285371629 Mon Sep 17 00:00:00 2001 From: Marta Rybczynska Date: Wed, 29 Mar 2023 12:02:56 +0200 Subject: cve-update-nvd2-native: new CVE database fetcher Add new fetcher for the NVD database using the 2.0 API [1]. The implementation changes as little as possible, keeping the current database format (but using a different database file for the transition period), with a notable exception of not using the META table. Minor changes that could be visible: - the database starts in 1999 instead of 2002 - the complete fetch is longer (30 minutes typically) [1] https://nvd.nist.gov/developers/vulnerabilities (From OE-Core rev: b8ae26aabe825c1bc8d84fd7e0ee197695f1dee7) Signed-off-by: Marta Rybczynska Signed-off-by: Alexandre Belloni (cherry picked from commit fb62c4c3dbca4e58f7ce6cf29d4b630a06411a97) Signed-off-by: Steve Sakoman --- meta/classes/cve-check.bbclass | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'meta/classes/cve-check.bbclass') diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass index 3c922b27af..494fa03ec1 100644 --- a/meta/classes/cve-check.bbclass +++ b/meta/classes/cve-check.bbclass @@ -26,7 +26,7 @@ CVE_PRODUCT ??= "${BPN}" CVE_VERSION ??= "${PV}" CVE_CHECK_DB_DIR ?= "${DL_DIR}/CVE_CHECK" -CVE_CHECK_DB_FILE ?= "${CVE_CHECK_DB_DIR}/nvdcve_1.1.db" +CVE_CHECK_DB_FILE ?= "${CVE_CHECK_DB_DIR}/nvdcve_2.db" CVE_CHECK_DB_FILE_LOCK ?= "${CVE_CHECK_DB_FILE}.lock" CVE_CHECK_LOG ?= "${T}/cve.log" @@ -155,7 +155,7 @@ python do_cve_check () { } addtask cve_check before do_build -do_cve_check[depends] = "cve-update-db-native:do_fetch" +do_cve_check[depends] = "cve-update-nvd2-native:do_fetch" do_cve_check[nostamp] = "1" python cve_check_cleanup () { -- cgit v1.2.3-54-g00ecf