From 7ec60228eb4fb51f2431fb7b242ba54d780a3f35 Mon Sep 17 00:00:00 2001 From: Peter Marko Date: Sun, 24 Aug 2025 16:53:16 +0200 Subject: [PATCH] vulnerabilities: update nvdcve file name The filename is outdated as its version was already bumped and there are also different files for different feed choices. Use glob to match any available file. Also the directory changed to CVE_CHECK2 meanwhile, so Update it, too. (From yocto-docs rev: 1b4d559ad5489a34cec26f9aad2687d2cb3ecc0a) Signed-off-by: Peter Marko Signed-off-by: Antonin Godard (cherry picked from commit a2f18cb23183401d9d8e2fd4499d164ef8d86e44) Signed-off-by: Antonin Godard Signed-off-by: Steve Sakoman --- documentation/dev-manual/vulnerabilities.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/documentation/dev-manual/vulnerabilities.rst b/documentation/dev-manual/vulnerabilities.rst index d901ff975b..ea29708034 100644 --- a/documentation/dev-manual/vulnerabilities.rst +++ b/documentation/dev-manual/vulnerabilities.rst @@ -318,7 +318,7 @@ products defined in :term:`CVE_PRODUCT`. Then, for each found CVE: The CVE database is stored in :term:`DL_DIR` and can be inspected using ``sqlite3`` command as follows:: - sqlite3 downloads/CVE_CHECK/nvdcve_1.1.db .dump | grep CVE-2021-37462 + sqlite3 downloads/CVE_CHECK2/nvd*.db .dump | grep CVE-2021-37462 When analyzing CVEs, it is recommended to: