cve-check and FC30

Johnathan Mantey johnathanx.mantey at intel.com
Fri Nov 8 05:26:48 AEDT 2019


I'm unable to build with the latest upstream changes.  I've isolated the
problem to this commit:

3e36ab8dadab36bb286dc6d750ac6c4934f50d04 cve-check: ensure all known
CVEs are in the report

The error is:
     0272:    placeholder = ",".join("?" * len(cves))
     0273:    query = "SELECT * FROM NVD WHERE id IN (%s)" % placeholder
     0274:    conn = sqlite3.connect(db_file)
     0275:    cur = conn.cursor()
 *** 0276:    for row in cur.execute(query, tuple(cves)):
     0277:        cve_data[row[0]] = {}
     0278:        cve_data[row[0]]["summary"] = row[1]
     0279:        cve_data[row[0]]["scorev2"] = row[2]
     0280:        cve_data[row[0]]["scorev3"] = row[3]
Exception: sqlite3.OperationalError: too many SQL variables

When I revert this change I am able to build.

Has anyone else seen this, and, if so, created a solution?

-- 
Johnathan Mantey
Senior Software Engineer
*azad te**chnology partners*
Contributing to Technology Innovation since 1992
Phone: (503) 712-6764
Email: johnathanx.mantey at intel.com <mailto:johnathanx.mantey at intel.com>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ozlabs.org/pipermail/openbmc/attachments/20191107/bb31ca7e/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://lists.ozlabs.org/pipermail/openbmc/attachments/20191107/bb31ca7e/attachment-0001.sig>


More information about the openbmc mailing list