Update CVE ID syntax validator

The current validator stopped after 5 digits, whereas there can be an aribtrary amount. However, the MITRE docs appear to stop at 7, so this seems like a sane cut-off, until it's not[1]. [1] https://cve.mitre.org/cve/identifiers/syntaxchange.html#new
author: Jonathan S. Katz 2021-03-21 18:54:32 +0000
committer: Jonathan S. Katz 2021-03-27 19:15:31 +0000
commit: b263f705f5ed5b7bd9d338f701cbc3c624899e85 (patch)
tree: f556877250155e9886e797e2ead5414c20c91565 /pgweb/security
parent: d5f9dc59dc9acf179a71c8db176c0d2dfae291f3 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/pgweb/security/models.py b/pgweb/security/models.py
index a961ff52..78f48055 100644
--- a/pgweb/security/models.py
+++ b/pgweb/security/models.py
@@ -20,12 +20,12 @@ component_choices = (
 )
 
 
-re_cve = re.compile(r'^(\d{4})-(\d{4,5})$')
+re_cve = re.compile(r'^(\d{4})-(\d{4,7})$')
 
 
 def cve_validator(val):
     if not re_cve.match(val):
-        raise ValidationError("Enter CVE in format 0000-0000 without the CVE text")
+        raise ValidationError("Enter CVE in format (YYYY-NNNN (up to 7 N) without the CVE text")
 
 
 def other_vectors_validator(val):
author	Jonathan S. Katz	2021-03-21 18:54:32 +0000
committer	Jonathan S. Katz	2021-03-27 19:15:31 +0000
commit	b263f705f5ed5b7bd9d338f701cbc3c624899e85 (patch)
tree	f556877250155e9886e797e2ead5414c20c91565 /pgweb/security
parent	d5f9dc59dc9acf179a71c8db176c0d2dfae291f3 (diff)