diff mbox series

[openembedded-core,scarthgap,v1,24/34] cve-update-db-native: Use a local copy of the database during builds

Message ID 20260220053443.3006180-24-hetpat@cisco.com
State New
Headers show
Series [openembedded-core,scarthgap,v1,01/34] cve-check: encode affected product/vendor in CVE_STATUS | expand

Commit Message

Het Patel -X (hetpat - E INFOCHIPS PRIVATE LIMITED at Cisco) Feb. 20, 2026, 5:34 a.m. UTC 
From: Peter Marko <peter.marko@siemens.com>

OE-Core rev: 03596904392d257572a905a182b92c780d636744

This seems to be misimplemented when re-adding update from nvd1 feed.
Use file in temporary directory instead of downloads directory for
update process.

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit e5b0a74810fdd3f72fe61e0ae1f859a444dc1fa5)
Signed-off-by: Het Patel <hetpat@cisco.com>
---
 meta/recipes-core/meta/cve-update-db-native.bb | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff mbox series

Patch

diff --git a/meta/recipes-core/meta/cve-update-db-native.bb b/meta/recipes-core/meta/cve-update-db-native.bb
index 320bd452f1..1a38d6be3f 100644
--- a/meta/recipes-core/meta/cve-update-db-native.bb
+++ b/meta/recipes-core/meta/cve-update-db-native.bb
@@ -24,8 +24,7 @@  CVE_SOCKET_TIMEOUT ?= "60"
 
 CVE_CHECK_DB_DLDIR_FILE ?= "${DL_DIR}/CVE_CHECK2/${CVE_CHECK_DB_FILENAME}"
 CVE_CHECK_DB_DLDIR_LOCK ?= "${CVE_CHECK_DB_DLDIR_FILE}.lock"
-
-CVE_DB_TEMP_FILE ?= "${CVE_CHECK_DB_DLDIR_FILE}.tmp"
+CVE_CHECK_DB_TEMP_FILE ?= "${CVE_CHECK_DB_FILE}.tmp"
 
 python () {
     if not bb.data.inherits_class("cve-check", d):
@@ -44,7 +43,7 @@  python do_fetch() {
 
     db_file = d.getVar("CVE_CHECK_DB_DLDIR_FILE")
     db_dir = os.path.dirname(db_file)
-    db_tmp_file = d.getVar("CVE_DB_TEMP_FILE")
+    db_tmp_file = d.getVar("CVE_CHECK_DB_TEMP_FILE")
 
     cleanup_db_download(db_file, db_tmp_file)
 
@@ -64,6 +63,7 @@  python do_fetch() {
         pass
 
     bb.utils.mkdirhier(db_dir)
+    bb.utils.mkdirhier(os.path.dirname(db_tmp_file))
     if os.path.exists(db_file):
         shutil.copy2(db_file, db_tmp_file)