On Wed, 2019-06-19 at 15:59 +0200, Pierre Le Magourou wrote: > From: Pierre Le Magourou <pierre.lemagou...@softbankrobotics.com> > > cve-check-tool-native do_populate_cve_db task was using deprecated > NVD > xml data feeds, cve-update-db uses NVD json data feeds. > > Sqlite database schema was updated to take into account CVSSv3 CVE > scores and operator in affected product versions. > A new META table was added to store the last modification date of the > NVD json data feeds. > > Signed-off-by: Pierre Le Magourou < > pierre.lemagou...@softbankrobotics.com> > --- > meta/recipes-core/meta/cve-update-db.bb | 121 > ++++++++++++++++++++++++++++++++ > 1 file changed, 121 insertions(+) > create mode 100644 meta/recipes-core/meta/cve-update-db.bb > > diff --git a/meta/recipes-core/meta/cve-update-db.bb b/meta/recipes- > core/meta/cve-update-db.bb > new file mode 100644 > index 0000000000..522fd23807 > --- /dev/null > +++ b/meta/recipes-core/meta/cve-update-db.bb > @@ -0,0 +1,121 @@ > +SUMMARY = "Updates the NVD CVE database" > +LICENSE = "MIT" > + > +INHIBIT_DEFAULT_DEPS = "1" > +PACKAGES = "" > + > +inherit nopackages > + > +deltask do_fetch > +deltask do_unpack > +deltask do_patch > +deltask do_configure > +deltask do_compile > +deltask do_install > +deltask do_populate_sysroot > + > +python do_populate_cve_db() { > + """ > + Update NVD database with json data feed > + """ > + > + import sqlite3, urllib3, shutil, gzip, re > + from datetime import date > + > + BASE_URL = "https://nvd.nist.gov/feeds/json/cve/1.0/nvdcve-1.0-" > + YEAR_START = 2002 > + JSON_TMPFILE = d.getVar("CVE_CHECK_DB_DIR") + '/nvd.json.gz'
It looks like CVE_CHECK_DB_DIR has no default value which resulted in: https://autobuilder.yoctoproject.org/typhoon/#/builders/23/builds/988/steps/7/logs/step1b We only started seeing that error after your later patch to add back the do_fetch task. build-appliance is trying to collect up all the sources it may need. Cheers, Richard -- _______________________________________________ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core