diff options
author | Pierre Le Magourou <pierre.lemagourou@softbankrobotics.com> | 2019-07-03 11:35:06 +0200 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2019-07-05 12:00:15 +0100 |
commit | 0325dd72714f0b447558084f481b77f0ec850eed (patch) | |
tree | e5fb6f626f279d2cde4e710f009ac1f2f6abf0d8 /meta/classes/cve-check.bbclass | |
parent | 3c7b6dfecd22eae369bba54437cdff91fa8542df (diff) | |
download | openembedded-core-contrib-0325dd72714f0b447558084f481b77f0ec850eed.tar.gz |
cve-update-db: Catch request.urlopen errors.
If the NVD url is not accessible, print a warning on top of the CVE
report, and continue. The database will not be fully updated, but
cve_check can still run on the previous database.
Signed-off-by: Pierre Le Magourou <pierre.lemagourou@softbankrobotics.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/classes/cve-check.bbclass')
-rw-r--r-- | meta/classes/cve-check.bbclass | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass index 1e7e8dd441..81071e3f19 100644 --- a/meta/classes/cve-check.bbclass +++ b/meta/classes/cve-check.bbclass @@ -51,14 +51,15 @@ python do_cve_check () { Check recipe for patched and unpatched CVEs """ - if os.path.exists(d.getVar("CVE_CHECK_TMP_FILE")): + if os.path.exists(d.getVar("CVE_CHECK_DB_FILE")): patched_cves = get_patches_cves(d) patched, unpatched = check_cves(d, patched_cves) if patched or unpatched: cve_data = get_cve_info(d, patched + unpatched) cve_write_data(d, patched, unpatched, cve_data) else: - bb.note("Failed to update CVE database, skipping CVE check") + bb.note("No CVE database found, skipping CVE check") + } addtask cve_check after do_unpack before do_build |