diff mbox series

[openembedded-core,scarthgap,v1,20/34] cve-check: change the default feed

Message ID 20260220053443.3006180-20-hetpat@cisco.com
State New
Headers show
Series [openembedded-core,scarthgap,v1,01/34] cve-check: encode affected product/vendor in CVE_STATUS | expand

Commit Message

Het Patel -X (hetpat - E INFOCHIPS PRIVATE LIMITED at Cisco) Feb. 20, 2026, 5:34 a.m. UTC 
From: Marta Rybczynska <rybczynska@gmail.com>

Move to the FKIE feed by default, as it is showing better stability
than NVD2. Content of the feed should be the same.

Signed-off-by: Marta Rybczynska <marta.rybczynska@ygreky.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 10580a6d36aa1366732f9c030345bd4590eb9f74)
Signed-off-by: Het Patel <hetpat@cisco.com>
---
 meta/classes/cve-check.bbclass | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff mbox series

Patch

diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass
index 234eeae7d4..3555a74c42 100644
--- a/meta/classes/cve-check.bbclass
+++ b/meta/classes/cve-check.bbclass
@@ -32,7 +32,7 @@  CVE_PRODUCT ??= "${BPN}"
 CVE_VERSION ??= "${PV}"
 
 # Possible database sources: NVD1, NVD2, FKIE
-NVD_DB_VERSION ?= "NVD2"
+NVD_DB_VERSION ?= "FKIE"
 
 # Use different file names for each database source, as they synchronize at different moments, so may be slightly different
 CVE_CHECK_DB_FILENAME ?= "${@'nvdcve_2-2.db' if d.getVar('NVD_DB_VERSION') == 'NVD2' else 'nvdcve_1-3.db' if d.getVar('NVD_DB_VERSION') == 'NVD1' else 'nvdfkie_1-1.db'}"