git.ipfire.org Git - thirdparty/openembedded/openembedded-core.git/commit

author	Marta Rybczynska <rybczynska@gmail.com>
	Wed, 29 Mar 2023 10:02:56 +0000 (12:02 +0200)
committer	Steve Sakoman <steve@sakoman.com>
	Mon, 19 Jun 2023 16:23:31 +0000 (06:23 -1000)
commit	191e2c6d7009999f049a0cf8460259f8f91a829d
tree	5cf0cb3a6e8997a9f5aba14ab758dad49e54741d	tree
parent	8a9d188b4d838bbbf8aab14fad1ee5aaadb86621	commit \| diff

cve-update-nvd2-native: new CVE database fetcher

Add new fetcher for the NVD database using the 2.0 API [1].
The implementation changes as little as possible, keeping the current
database format (but using a different database file for the transition
period), with a notable exception of not using the META table.

Minor changes that could be visible:
- the database starts in 1999 instead of 2002
- the complete fetch is longer (30 minutes typically)

[1] https://nvd.nist.gov/developers/vulnerabilities

Signed-off-by: Marta Rybczynska <marta.rybczynska@syslinbit.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit fb62c4c3dbca4e58f7ce6cf29d4b630a06411a97)
Signed-off-by: Steve Sakoman <steve@sakoman.com>

meta/classes/cve-check.bbclass		diff \| blob \| blame \| history
meta/recipes-core/meta/cve-update-nvd2-native.bb	[new file with mode: 0644]	blob