Merge ~cjwatson/launchpad:merge-db-stable into launchpad:master
- Git
- lp:~cjwatson/launchpad
- merge-db-stable
- Merge into master
Proposed by
Colin Watson
Status: | Merged |
---|---|
Approved by: | Colin Watson |
Approved revision: | 9d833070ff42430c255e2d19737c13123103543e |
Merge reported by: | Otto Co-Pilot |
Merged at revision: | not available |
Proposed branch: | ~cjwatson/launchpad:merge-db-stable |
Merge into: | launchpad:master |
Diff against target: |
77 lines (+29/-20) 3 files modified
database/sampledata/current-dev.sql (+10/-10) database/sampledata/current.sql (+10/-10) database/schema/patch-2211-09-0.sql (+9/-0) |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Colin Watson (community) | Approve | ||
Review via email: mp+431576@code.launchpad.net |
Commit message
Merge db-stable 9d833070ff (Drop `Cve.discoverer` column)
Description of the change
To post a comment you must log in.
Preview Diff
[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1 | diff --git a/database/sampledata/current-dev.sql b/database/sampledata/current-dev.sql |
2 | index 6137bec..1a12d10 100644 |
3 | --- a/database/sampledata/current-dev.sql |
4 | +++ b/database/sampledata/current-dev.sql |
5 | @@ -1301,16 +1301,16 @@ ALTER TABLE public.bug ENABLE TRIGGER ALL; |
6 | |
7 | ALTER TABLE public.cve DISABLE TRIGGER ALL; |
8 | |
9 | -INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, discoverer, cvss, discovered_by) VALUES (1, '1999-8979', 2, 'Firefox crashes all the time', '2005-09-07 19:00:32.944561', '2005-09-13 14:00:03.508959', NULL, NULL, NULL, NULL, NULL); |
10 | -INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, discoverer, cvss, discovered_by) VALUES (2, '1999-2345', 1, 'Possible data loss', '2005-09-07 19:00:32.944561', '2005-09-13 14:00:03.513099', NULL, NULL, NULL, NULL, NULL); |
11 | -INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, discoverer, cvss, discovered_by) VALUES (3, '2005-2730', 1, 'The HTTP proxy in Astaro Security Linux 6.0 allows remote attackers to obtain sensitive information via an invalid request, which reveals a Proxy-authorization string in an error message.', '2005-09-13 14:05:15.669384', '2005-09-13 14:05:15.669384', NULL, NULL, NULL, NULL, NULL); |
12 | -INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, discoverer, cvss, discovered_by) VALUES (4, '2005-2731', 1, 'Directory traversal vulnerability in Astaro Security Linux 6.0, when using Webmin, allows remote authenticated webmin users to read arbitrary files via a .. (dot dot) in the wfe_download parameter to index.fpl.', '2005-09-13 14:05:15.91729', '2005-09-13 14:05:15.91729', NULL, NULL, NULL, NULL, NULL); |
13 | -INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, discoverer, cvss, discovered_by) VALUES (5, '2005-2732', 1, 'AWStats 6.4, and possibly earlier versions, allows remote attackers to obtain sensitive information via a file that does not exist in the config parameter, which reveals the path in an error message.', '2005-09-13 14:05:15.992007', '2005-09-13 14:05:15.992007', NULL, NULL, NULL, NULL, NULL); |
14 | -INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, discoverer, cvss, discovered_by) VALUES (6, '2005-2733', 1, 'upload_img_cgi.php in Simple PHP Blog (SPHPBlog) does not properly restrict file extensions of uploaded files, which could allow remote attackers to execute arbitrary code.', '2005-09-13 14:05:16.072418', '2005-09-13 14:05:16.072418', NULL, NULL, NULL, NULL, NULL); |
15 | -INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, discoverer, cvss, discovered_by) VALUES (7, '2005-2734', 1, 'Cross-site scripting (XSS) vulnerability in Gallery 1.5.1-RC2 and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.', '2005-09-13 14:05:16.202393', '2005-09-13 14:05:16.202393', NULL, NULL, NULL, NULL, NULL); |
16 | -INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, discoverer, cvss, discovered_by) VALUES (8, '2005-2735', 1, 'Cross-site scripting (XSS) vulnerability in phpGraphy 0.9.9a and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.', '2005-09-13 14:05:16.412226', '2005-09-13 14:05:16.412226', NULL, NULL, NULL, NULL, NULL); |
17 | -INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, discoverer, cvss, discovered_by) VALUES (9, '2005-2736', 1, 'Cross-site scripting (XSS) vulnerability in YaPig 0.95 and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.', '2005-09-13 14:05:16.841572', '2005-09-13 14:05:16.841572', NULL, NULL, NULL, NULL, NULL); |
18 | -INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, discoverer, cvss, discovered_by) VALUES (10, '2005-2737', 1, 'Cross-site scripting (XSS) vulnerability in PhotoPost PHP Pro 5.1 allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.', '2005-09-13 14:05:17.043865', '2005-09-13 14:05:17.043865', NULL, NULL, NULL, NULL, NULL); |
19 | +INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, cvss, discovered_by) VALUES (1, '1999-8979', 2, 'Firefox crashes all the time', '2005-09-07 19:00:32.944561', '2005-09-13 14:00:03.508959', NULL, NULL, NULL, NULL); |
20 | +INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, cvss, discovered_by) VALUES (2, '1999-2345', 1, 'Possible data loss', '2005-09-07 19:00:32.944561', '2005-09-13 14:00:03.513099', NULL, NULL, NULL, NULL); |
21 | +INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, cvss, discovered_by) VALUES (3, '2005-2730', 1, 'The HTTP proxy in Astaro Security Linux 6.0 allows remote attackers to obtain sensitive information via an invalid request, which reveals a Proxy-authorization string in an error message.', '2005-09-13 14:05:15.669384', '2005-09-13 14:05:15.669384', NULL, NULL, NULL, NULL); |
22 | +INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, cvss, discovered_by) VALUES (4, '2005-2731', 1, 'Directory traversal vulnerability in Astaro Security Linux 6.0, when using Webmin, allows remote authenticated webmin users to read arbitrary files via a .. (dot dot) in the wfe_download parameter to index.fpl.', '2005-09-13 14:05:15.91729', '2005-09-13 14:05:15.91729', NULL, NULL, NULL, NULL); |
23 | +INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, cvss, discovered_by) VALUES (5, '2005-2732', 1, 'AWStats 6.4, and possibly earlier versions, allows remote attackers to obtain sensitive information via a file that does not exist in the config parameter, which reveals the path in an error message.', '2005-09-13 14:05:15.992007', '2005-09-13 14:05:15.992007', NULL, NULL, NULL, NULL); |
24 | +INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, cvss, discovered_by) VALUES (6, '2005-2733', 1, 'upload_img_cgi.php in Simple PHP Blog (SPHPBlog) does not properly restrict file extensions of uploaded files, which could allow remote attackers to execute arbitrary code.', '2005-09-13 14:05:16.072418', '2005-09-13 14:05:16.072418', NULL, NULL, NULL, NULL); |
25 | +INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, cvss, discovered_by) VALUES (7, '2005-2734', 1, 'Cross-site scripting (XSS) vulnerability in Gallery 1.5.1-RC2 and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.', '2005-09-13 14:05:16.202393', '2005-09-13 14:05:16.202393', NULL, NULL, NULL, NULL); |
26 | +INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, cvss, discovered_by) VALUES (8, '2005-2735', 1, 'Cross-site scripting (XSS) vulnerability in phpGraphy 0.9.9a and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.', '2005-09-13 14:05:16.412226', '2005-09-13 14:05:16.412226', NULL, NULL, NULL, NULL); |
27 | +INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, cvss, discovered_by) VALUES (9, '2005-2736', 1, 'Cross-site scripting (XSS) vulnerability in YaPig 0.95 and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.', '2005-09-13 14:05:16.841572', '2005-09-13 14:05:16.841572', NULL, NULL, NULL, NULL); |
28 | +INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, cvss, discovered_by) VALUES (10, '2005-2737', 1, 'Cross-site scripting (XSS) vulnerability in PhotoPost PHP Pro 5.1 allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.', '2005-09-13 14:05:17.043865', '2005-09-13 14:05:17.043865', NULL, NULL, NULL, NULL); |
29 | |
30 | |
31 | ALTER TABLE public.cve ENABLE TRIGGER ALL; |
32 | diff --git a/database/sampledata/current.sql b/database/sampledata/current.sql |
33 | index 023e0ac..f1c680d 100644 |
34 | --- a/database/sampledata/current.sql |
35 | +++ b/database/sampledata/current.sql |
36 | @@ -1298,16 +1298,16 @@ ALTER TABLE public.bug ENABLE TRIGGER ALL; |
37 | |
38 | ALTER TABLE public.cve DISABLE TRIGGER ALL; |
39 | |
40 | -INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, discoverer, cvss, discovered_by) VALUES (1, '1999-8979', 2, 'Firefox crashes all the time', '2005-09-07 19:00:32.944561', '2005-09-13 14:00:03.508959', NULL, NULL, NULL, NULL, NULL); |
41 | -INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, discoverer, cvss, discovered_by) VALUES (2, '1999-2345', 1, 'Possible data loss', '2005-09-07 19:00:32.944561', '2005-09-13 14:00:03.513099', NULL, NULL, NULL, NULL, NULL); |
42 | -INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, discoverer, cvss, discovered_by) VALUES (3, '2005-2730', 1, 'The HTTP proxy in Astaro Security Linux 6.0 allows remote attackers to obtain sensitive information via an invalid request, which reveals a Proxy-authorization string in an error message.', '2005-09-13 14:05:15.669384', '2005-09-13 14:05:15.669384', NULL, NULL, NULL, NULL, NULL); |
43 | -INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, discoverer, cvss, discovered_by) VALUES (4, '2005-2731', 1, 'Directory traversal vulnerability in Astaro Security Linux 6.0, when using Webmin, allows remote authenticated webmin users to read arbitrary files via a .. (dot dot) in the wfe_download parameter to index.fpl.', '2005-09-13 14:05:15.91729', '2005-09-13 14:05:15.91729', NULL, NULL, NULL, NULL, NULL); |
44 | -INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, discoverer, cvss, discovered_by) VALUES (5, '2005-2732', 1, 'AWStats 6.4, and possibly earlier versions, allows remote attackers to obtain sensitive information via a file that does not exist in the config parameter, which reveals the path in an error message.', '2005-09-13 14:05:15.992007', '2005-09-13 14:05:15.992007', NULL, NULL, NULL, NULL, NULL); |
45 | -INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, discoverer, cvss, discovered_by) VALUES (6, '2005-2733', 1, 'upload_img_cgi.php in Simple PHP Blog (SPHPBlog) does not properly restrict file extensions of uploaded files, which could allow remote attackers to execute arbitrary code.', '2005-09-13 14:05:16.072418', '2005-09-13 14:05:16.072418', NULL, NULL, NULL, NULL, NULL); |
46 | -INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, discoverer, cvss, discovered_by) VALUES (7, '2005-2734', 1, 'Cross-site scripting (XSS) vulnerability in Gallery 1.5.1-RC2 and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.', '2005-09-13 14:05:16.202393', '2005-09-13 14:05:16.202393', NULL, NULL, NULL, NULL, NULL); |
47 | -INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, discoverer, cvss, discovered_by) VALUES (8, '2005-2735', 1, 'Cross-site scripting (XSS) vulnerability in phpGraphy 0.9.9a and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.', '2005-09-13 14:05:16.412226', '2005-09-13 14:05:16.412226', NULL, NULL, NULL, NULL, NULL); |
48 | -INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, discoverer, cvss, discovered_by) VALUES (9, '2005-2736', 1, 'Cross-site scripting (XSS) vulnerability in YaPig 0.95 and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.', '2005-09-13 14:05:16.841572', '2005-09-13 14:05:16.841572', NULL, NULL, NULL, NULL, NULL); |
49 | -INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, discoverer, cvss, discovered_by) VALUES (10, '2005-2737', 1, 'Cross-site scripting (XSS) vulnerability in PhotoPost PHP Pro 5.1 allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.', '2005-09-13 14:05:17.043865', '2005-09-13 14:05:17.043865', NULL, NULL, NULL, NULL, NULL); |
50 | +INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, cvss, discovered_by) VALUES (1, '1999-8979', 2, 'Firefox crashes all the time', '2005-09-07 19:00:32.944561', '2005-09-13 14:00:03.508959', NULL, NULL, NULL, NULL); |
51 | +INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, cvss, discovered_by) VALUES (2, '1999-2345', 1, 'Possible data loss', '2005-09-07 19:00:32.944561', '2005-09-13 14:00:03.513099', NULL, NULL, NULL, NULL); |
52 | +INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, cvss, discovered_by) VALUES (3, '2005-2730', 1, 'The HTTP proxy in Astaro Security Linux 6.0 allows remote attackers to obtain sensitive information via an invalid request, which reveals a Proxy-authorization string in an error message.', '2005-09-13 14:05:15.669384', '2005-09-13 14:05:15.669384', NULL, NULL, NULL, NULL); |
53 | +INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, cvss, discovered_by) VALUES (4, '2005-2731', 1, 'Directory traversal vulnerability in Astaro Security Linux 6.0, when using Webmin, allows remote authenticated webmin users to read arbitrary files via a .. (dot dot) in the wfe_download parameter to index.fpl.', '2005-09-13 14:05:15.91729', '2005-09-13 14:05:15.91729', NULL, NULL, NULL, NULL); |
54 | +INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, cvss, discovered_by) VALUES (5, '2005-2732', 1, 'AWStats 6.4, and possibly earlier versions, allows remote attackers to obtain sensitive information via a file that does not exist in the config parameter, which reveals the path in an error message.', '2005-09-13 14:05:15.992007', '2005-09-13 14:05:15.992007', NULL, NULL, NULL, NULL); |
55 | +INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, cvss, discovered_by) VALUES (6, '2005-2733', 1, 'upload_img_cgi.php in Simple PHP Blog (SPHPBlog) does not properly restrict file extensions of uploaded files, which could allow remote attackers to execute arbitrary code.', '2005-09-13 14:05:16.072418', '2005-09-13 14:05:16.072418', NULL, NULL, NULL, NULL); |
56 | +INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, cvss, discovered_by) VALUES (7, '2005-2734', 1, 'Cross-site scripting (XSS) vulnerability in Gallery 1.5.1-RC2 and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.', '2005-09-13 14:05:16.202393', '2005-09-13 14:05:16.202393', NULL, NULL, NULL, NULL); |
57 | +INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, cvss, discovered_by) VALUES (8, '2005-2735', 1, 'Cross-site scripting (XSS) vulnerability in phpGraphy 0.9.9a and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.', '2005-09-13 14:05:16.412226', '2005-09-13 14:05:16.412226', NULL, NULL, NULL, NULL); |
58 | +INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, cvss, discovered_by) VALUES (9, '2005-2736', 1, 'Cross-site scripting (XSS) vulnerability in YaPig 0.95 and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.', '2005-09-13 14:05:16.841572', '2005-09-13 14:05:16.841572', NULL, NULL, NULL, NULL); |
59 | +INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, cvss, discovered_by) VALUES (10, '2005-2737', 1, 'Cross-site scripting (XSS) vulnerability in PhotoPost PHP Pro 5.1 allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.', '2005-09-13 14:05:17.043865', '2005-09-13 14:05:17.043865', NULL, NULL, NULL, NULL); |
60 | |
61 | |
62 | ALTER TABLE public.cve ENABLE TRIGGER ALL; |
63 | diff --git a/database/schema/patch-2211-09-0.sql b/database/schema/patch-2211-09-0.sql |
64 | new file mode 100644 |
65 | index 0000000..819f866 |
66 | --- /dev/null |
67 | +++ b/database/schema/patch-2211-09-0.sql |
68 | @@ -0,0 +1,9 @@ |
69 | +-- Copyright 2022 Canonical Ltd. This software is licensed under the |
70 | +-- GNU Affero General Public License version 3 (see the file LICENSE). |
71 | + |
72 | +SET client_min_messages=ERROR; |
73 | + |
74 | +ALTER TABLE Cve |
75 | + DROP COLUMN discoverer; |
76 | + |
77 | +INSERT INTO LaunchpadDatabaseRevision VALUES (2211, 09, 0); |
Deployed to the production database today.