I am resending this from my regular email client because I think that my original submission using git sendmail was messed up in my GIT config so it didn’t make it to the list. (I did send an email using git sendmail to Armin).
We need this change to meta-security to be compatible with the referenced change made in poky / OE-core. Otherwise there is an error as I reported weeks back. I believe that this patch fixes it. I have used it in both master branch and in dunfell.
We also need this to be back ported to all the same branches of meta-security to correspond to all the branches on poky to which the 33efd9351702e08a53e6512e235f947e4f9e914f commit was back ported. This includes dunfell.
It is easy to find in a poky branch by grepping for do_populate_cve_db.
From a different perspective, there could also be a case to revert the original changes as I notice that populating the CVE database is not necessarily something that we would want to be part of someone running a fetch all operation for a target image, because the fetch for the CVE database would likely be run again later at the time of building the image. This could be a matter of discussion (if not already discussed). But I can work with it either way.
Darcy Watkins :: Senior Staff Engineer, Firmware
Direct +1 604 233 7989 :: Fax +1 604 231 1109 :: Main +1 604 231 1100
13811 Wireless Way :: Richmond, BC Canada V6V 3A4
Darcy Watkins <dwatkins@...>
From: Darcy Watkins <darcy@...>