cve-update-db-native: use SQL placeholders instead of format strings

(From OE-Core rev: 91770338f76ef35f3c4eeac216eb9d2b3188e575) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Ross Burton <ross.burton@intel.com> 2019-07-17 11:45:38 +0100
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2019-07-18 12:16:19 +0100
commit: c0017bee41ca8bafe9e66fc918a7aef4033484ff (patch)
tree: 9985f12fc1f98b633d27a6a18d7bf5a767a86609 /meta/recipes-core
parent: 7f5f884e555e9fc8afbbb1dd666026241f64789b (diff)
download: openembedded-core-contrib-c0017bee41ca8bafe9e66fc918a7aef4033484ff.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/meta/recipes-core/meta/cve-update-db-native.bb b/meta/recipes-core/meta/cve-update-db-native.bb
index e16c41a72f..72d1f48835 100644
--- a/meta/recipes-core/meta/cve-update-db-native.bb
+++ b/meta/recipes-core/meta/cve-update-db-native.bb
@@ -62,7 +62,7 @@ python do_populate_cve_db() {
             break
 
         # Compare with current db last modified date
-        c.execute("select DATE from META where YEAR = '%d'" % year)
+        c.execute("select DATE from META where YEAR = ?", (year,))
         meta = c.fetchone()
         if not meta or meta[0] != last_modified:
             # Update db with current year json file
author	Ross Burton <ross.burton@intel.com>	2019-07-17 11:45:38 +0100
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2019-07-18 12:16:19 +0100
commit	c0017bee41ca8bafe9e66fc918a7aef4033484ff (patch)
tree	9985f12fc1f98b633d27a6a18d7bf5a767a86609 /meta/recipes-core
parent	7f5f884e555e9fc8afbbb1dd666026241f64789b (diff)
download	openembedded-core-contrib-c0017bee41ca8bafe9e66fc918a7aef4033484ff.tar.gz