mirrors/copyparty
1
0
Fork 0
mirror of https://github.com/9001/copyparty.git synced 2026-02-27 14:03:10 -07:00
Code Issues Actions Packages Projects Releases Wiki Activity

vc: better way to check against the json

Browse source 
i think the last version might've had some nasty edge cases
This commit is contained in:
icxes 2026-02-26 02:00:31 +02:00
parent f65bfb3424
commit 86a50b1e43
No known key found for this signature in database
1 changed files with 15 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

23
copyparty/svchub.py
View file

@ -1833,16 +1833,23 @@ class SvcHub(object):
if data: if data:
try: try:
advisories = json.loads(data) advisories = json.loads(data)
has_vuln = False
fixes = ( for adv in advisories:
self.parse_version(vuln.get("patched_versions")) for vuln in adv.get("vulnerabilities", []):
for adv in advisories if vuln.get("package", {}).get("name") != "copyparty":
for vuln in adv.get("vulnerabilities", []) continue
if vuln.get("patched_versions")
)
newest_fix = max(fixes, default=None)
if newest_fix and ver_cpp < newest_fix: patched_str = vuln.get("patched_versions")
if patched_str:
patched_ver = self.parse_version(patched_str)
if ver_cpp < patched_ver:
has_vuln = True
break
if has_vuln:
break
if has_vuln:
self.broker.say("httpsrv.set_bad_ver", True) self.broker.say("httpsrv.set_bad_ver", True)
except Exception as e: except Exception as e: