Posted to cvs@httpd.apache.org by hu...@apache.org on 2023/01/17 16:52:49 UTC

[httpd-site] branch main updated: better logic for data version

This is an automated email from the ASF dual-hosted git repository.

humbedooh pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/httpd-site.git


The following commit(s) were added to refs/heads/main by this push:
     new f88f38c  better logic for data version
f88f38c is described below

commit f88f38cbe579f9d83ae582da57ef9d0e48f97404
Author: Daniel Gruno <hu...@apache.org>
AuthorDate: Tue Jan 17 17:52:44 2023 +0100

    better logic for data version
    
    We need to differentiate between the 4.0 and 5.0 formats.
    The 5.0 format has a dataType and dataVersion tag we can use. If not found, fall back to 4.0
---
 content/security/cvejsontohtml.py | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/content/security/cvejsontohtml.py b/content/security/cvejsontohtml.py
index e9f7324..f386655 100644
--- a/content/security/cvejsontohtml.py
+++ b/content/security/cvejsontohtml.py
@@ -19,6 +19,7 @@ def natural_sort_key(s, _nsre=re.compile('([0-9]+)')):
 filterversion = options.filterversion or ""
 cves = []
 entries = {}
+DEFAULT_CVE_DATA_VERSION = "4.0"  # Default (old) CVE data version
 
 for x in os.listdir(options.directory or "./"):
     if x.endswith(".json"):
@@ -32,10 +33,15 @@ for x in os.listdir(options.directory or "./"):
 
 # Filter on version and store by release(s) that fixed it
 for cve in cves:
-    if "CVE_data_meta" in cve:  # Old style JSON
+    # Establish which version of CVE JSON we are dealing with
+    data_version = DEFAULT_CVE_DATA_VERSION
+    if cve.get("dataType") == "CVE":
+        data_version = cve.get("dataVersion", DEFAULT_CVE_DATA_VERSION)
+     
+    if data_version == DEFAULT_CVE_DATA_VERSION:  # Old style CVE
         timearray = cve["timeline"]
         cve["id"] = cve["CVE_data_meta"]["ID"]
-    else:  # Newer style JSON
+    elif data_version == "5.0":  # Newer style JSON
         timearray = cve["containers"]["cna"]["timeline"]
         cve["id"] = cve["cveMetadata"]["cveId"]
     for time in timearray:
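Review bot: The `if`/`elif` on `data_version` has no final `else`, so a record whose `dataVersion` is anything other than "4.0" or "5.0" sets neither `timearray` nor `cve["id"]`. The `for time in timearray:` line then either raises NameError on the first record or silently reuses the previous CVE's timeline, which would put another advisory's dates on the generated security page. Add a failing branch, e.g. `else:` followed by `raise ValueError("Unsupported CVE data version: %s" % data_version)`. Separately, the published CVE JSON 5.0 schema uses `"dataType": "CVE_RECORD"`, so if the files read here follow it, `cve.get("dataType") == "CVE"` never matches and 5.0 records fall into the 4.0 branch; this is worth confirming against a real 5.0 file. The loop body continues past the end of the hunk.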