From: Peter Marko <[email protected]>
As of now, update of CVE DB from FKIE source (which is the defailt)
fails with following error:
File: '<build>/poky/meta/recipes-core/meta/cve-update-db-native.bb', lineno:
393, function: update_db_fkie
0389: [cveId, cveDesc, cvssv2, cvssv3, cvssv4, date,
accessVector, vectorString]).close()
0390:
0391: for config in elt['configurations']:
0392: # This is suboptimal as it doesn't handle AND/OR and
negate, but is better than nothing
*** 0393: for node in config["nodes"]:
0394: parse_node_and_insert(conn, node, cveId, False)
0395:
0396:def update_db(d, conn, jsondata):
0397: if (d.getVar("NVD_DB_VERSION") == "FKIE"):
Exception: KeyError: 'nodes'
Entry for new CVE-2025-32915 is broken.
Signed-off-by: Peter Marko <[email protected]>
Signed-off-by: Mathieu Dubois-Briand <[email protected]>
(cherry picked from commit 152be29f6a732b2ba1c95bcf465455d2a5a3f33a)
Signed-off-by: Het Patel <[email protected]>
---
meta/recipes-core/meta/cve-update-db-native.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/recipes-core/meta/cve-update-db-native.bb
b/meta/recipes-core/meta/cve-update-db-native.bb
index 792252f510..320bd452f1 100644
--- a/meta/recipes-core/meta/cve-update-db-native.bb
+++ b/meta/recipes-core/meta/cve-update-db-native.bb
@@ -390,7 +390,7 @@ def update_db_fkie(conn, jsondata):
for config in elt['configurations']:
# This is suboptimal as it doesn't handle AND/OR and negate, but
is better than nothing
- for node in config["nodes"]:
+ for node in config.get("nodes") or []:
parse_node_and_insert(conn, node, cveId, False)
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#231476):
https://lists.openembedded.org/g/openembedded-core/message/231476
Mute This Topic: https://lists.openembedded.org/mt/117905861/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-
