diff options
Diffstat (limited to 'meta/recipes-devtools/cve-check-tool/cve-check-tool_5.6.4.bb')
| -rw-r--r-- | meta/recipes-devtools/cve-check-tool/cve-check-tool_5.6.4.bb | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/meta/recipes-devtools/cve-check-tool/cve-check-tool_5.6.4.bb b/meta/recipes-devtools/cve-check-tool/cve-check-tool_5.6.4.bb index c78af6728c..fcd3182931 100644 --- a/meta/recipes-devtools/cve-check-tool/cve-check-tool_5.6.4.bb +++ b/meta/recipes-devtools/cve-check-tool/cve-check-tool_5.6.4.bb @@ -9,6 +9,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=e8c1458438ead3c34974bc0be3a03ed6" SRC_URI = "https://github.com/ikeydoherty/${BPN}/releases/download/v${PV}/${BP}.tar.xz \ file://check-for-malloc_trim-before-using-it.patch \ file://0001-print-progress-in-percent-when-downloading-CVE-db.patch \ + file://0001-curl-allow-overriding-default-CA-certificate-file.patch \ " SRC_URI[md5sum] = "c5f4247140fc9be3bf41491d31a34155" @@ -39,7 +40,8 @@ do_populate_cve_db() { [ -z "${cve_file}" ] && cve_file="${TMPDIR}/cve_check" bbdebug 2 "Updating cve-check-tool database located in $cve_dir" - if cve-check-update -d "$cve_dir" ; then + # --cacert works around curl-native not finding the CA bundle + if cve-check-update --cacert ${sysconfdir}/ssl/certs/ca-certificates.crt -d "$cve_dir" ; then printf "CVE database was updated on %s UTC\n\n" "$(LANG=C date --utc +'%F %T')" > "$cve_file" else bbwarn "Error in executing cve-check-update" |