@@ -17,7 +17,7 @@ python do_populate_cve_db() {
Update NVD database with json data feed
"""
- import sqlite3, urllib, shutil, gzip, re
+ import sqlite3, urllib, shutil, gzip
from datetime import date
BASE_URL = "https://nvd.nist.gov/feeds/json/cve/1.0/nvdcve-1.0-"
@@ -47,13 +47,15 @@ python do_populate_cve_db() {
req = urllib.request.Request(meta_url)
if proxy:
req.set_proxy(proxy, 'https')
- try:
- with urllib.request.urlopen(req, timeout=1) as r:
- date_line = str(r.read().splitlines()[0])
- last_modified = re.search('lastModifiedDate:(.*)', date_line).group(1)
- except:
- cve_f.write('Warning: CVE db update error, CVE data is outdated.\n\n')
- break
+ with urllib.request.urlopen(req) as r:
+ for l in r.read().decode("utf-8").splitlines():
+ key, value = l.split(":", 1)
+ if key == "lastModifiedDate":
+ last_modified = value
+ break
+ else:
+ bb.warn("Cannot parse CVE metadata, update failed")
+ return
# Compare with current db last modified date
c.execute("select DATE from META where YEAR = ?", (year,))