]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core.git/commit
projects / thirdparty / openembedded / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b2dfb2f) | patch
cve-update-db-native: avoid incomplete updates
authorMarta Rybczynska <rybczynska@gmail.com>
Tue, 3 Jan 2023 14:03:59 +0000 (15:03 +0100)
committerSteve Sakoman <steve@sakoman.com>
Wed, 18 Jan 2023 19:53:51 +0000 (09:53 -1000)
commit66aa05be4c237d24295d5e02de6e2dbef43af6dc
tree8b5ca2510c1d3f566707c6eb369a04090240dab3tree
parentb2dfb2fe86de887d0239078ded0a4f9e8c677d83commit | diff
cve-update-db-native: avoid incomplete updates

The database update has been done on the original file. In case of
network connection issues, temporary outage of the NVD server or
a similar situation, the function could exit with incomplete data
in the database. This patch solves the issue by performing the update
on a copy of the database. It replaces the main one only if the whole
update was successful.

See https://bugzilla.yoctoproject.org/show_bug.cgi?id=14929

Reported-by: Alberto Pianon <alberto@pianon.eu>
Signed-off-by: Marta Rybczynska <marta.rybczynska@linaro.org>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 8efe99214d8b005f0ecac690ce5ba17b31758f92)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
meta/recipes-core/meta/cve-update-db-native.bb diff | blob | blame | history
Mirror of git://git.openembedded.org/openembedded-core