mirrors/fdroidserver
1
0
Fork 0
mirror of https://github.com/f-droid/fdroidserver.git synced 2025-10-08 10:21:05 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

update: update openssl KnownVuln scan to handle all recent versions

Browse source 
Thanks to @bubu for reporting!
This commit is contained in:
Hans-Christoph Steiner 2017-07-06 13:25:14 +02:00
parent 928633ddba
commit 4a15208b84
2 changed files with 34 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

5
fdroidserver/update.py
View file

@ -513,8 +513,9 @@ def has_known_vulnerability(filename):
m = has_known_vulnerability.pattern.search(chunk)
if m:
version = m.group(1).decode('ascii')
if version.startswith('1.0.1') and version[5] >= 'r' \
or version.startswith('1.0.2') and version[5] >= 'f':
if (version.startswith('1.0.1') and len(version) > 5 and version[5] >= 'r') \
or (version.startswith('1.0.2') and len(version) > 5 and version[5] >= 'f') \
or re.match(r'[1-9]\.[1-9]\.[0-9].*', version):
logging.debug('"%s" contains recent %s (%s)', filename, name, version)
else:
logging.warning('"%s" contains outdated %s (%s)', filename, name, version)