1
0
mirror of https://git.yoctoproject.org/poky synced 2026-07-17 04:07:06 +00:00

cve-check: neaten get_cve_info

Remove obsolete Python 2 code, and use convenience methods for neatness.

(From OE-Core rev: f19253cc9e70c974a8e21a142086c13d7cde04ff)

(From OE-Core rev: 1f3863bc31e03207856f55591cbf17543e188587)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Ross Burton
2019-12-08 20:35:56 +02:00
committed by Richard Purdie
parent 1a09e2a3cf
commit 51553d9da2
+5 -13
View File
@@ -261,23 +261,15 @@ def check_cves(d, patched_cves):
def get_cve_info(d, cves): def get_cve_info(d, cves):
""" """
Get CVE information from the database. Get CVE information from the database.
Unfortunately the only way to get CVE info is set the output to
html (hard to parse) or query directly the database.
""" """
try: import sqlite3
import sqlite3
except ImportError:
from pysqlite2 import dbapi2 as sqlite3
cve_data = {} cve_data = {}
db_file = d.getVar("CVE_CHECK_DB_FILE") conn = sqlite3.connect(d.getVar("CVE_CHECK_DB_FILE"))
placeholder = ",".join("?" * len(cves)) placeholders = ",".join("?" * len(cves))
query = "SELECT * FROM NVD WHERE id IN (%s)" % placeholder query = "SELECT * FROM NVD WHERE id IN (%s)" % placeholders
conn = sqlite3.connect(db_file) for row in conn.execute(query, tuple(cves)):
cur = conn.cursor()
for row in cur.execute(query, tuple(cves)):
cve_data[row[0]] = {} cve_data[row[0]] = {}
cve_data[row[0]]["summary"] = row[1] cve_data[row[0]]["summary"] = row[1]
cve_data[row[0]]["scorev2"] = row[2] cve_data[row[0]]["scorev2"] = row[2]