Launchpad itself

Merge ~cjwatson/launchpad:merge-db-stable into launchpad:master

  1. Git
  2. lp:~cjwatson/launchpad
  3. merge-db-stable
  4. Merge into master
Proposed by Colin Watson
Status: Merged
Approved by: Colin Watson
Approved revision: 9d833070ff42430c255e2d19737c13123103543e
Merge reported by: Otto Co-Pilot
Merged at revision: not available
Proposed branch: ~cjwatson/launchpad:merge-db-stable
Merge into: launchpad:master
Diff against target: 77 lines (+29/-20)
3 files modified
database/sampledata/current-dev.sql (+10/-10)
database/sampledata/current.sql (+10/-10)
database/schema/patch-2211-09-0.sql (+9/-0)
Reviewer Review Type Date Requested Status
Colin Watson (community) Approve
Review via email: mp+431576@code.launchpad.net

Commit message

Merge db-stable 9d833070ff (Drop `Cve.discoverer` column)

To post a comment you must log in.
Revision history for this message
Colin Watson (cjwatson) wrote :

Deployed to the production database today.

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/database/sampledata/current-dev.sql b/database/sampledata/current-dev.sql
2index 6137bec..1a12d10 100644
3--- a/database/sampledata/current-dev.sql
4+++ b/database/sampledata/current-dev.sql
5@@ -1301,16 +1301,16 @@ ALTER TABLE public.bug ENABLE TRIGGER ALL;
6
7 ALTER TABLE public.cve DISABLE TRIGGER ALL;
8
9-INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, discoverer, cvss, discovered_by) VALUES (1, '1999-8979', 2, 'Firefox crashes all the time', '2005-09-07 19:00:32.944561', '2005-09-13 14:00:03.508959', NULL, NULL, NULL, NULL, NULL);
10-INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, discoverer, cvss, discovered_by) VALUES (2, '1999-2345', 1, 'Possible data loss', '2005-09-07 19:00:32.944561', '2005-09-13 14:00:03.513099', NULL, NULL, NULL, NULL, NULL);
11-INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, discoverer, cvss, discovered_by) VALUES (3, '2005-2730', 1, 'The HTTP proxy in Astaro Security Linux 6.0 allows remote attackers to obtain sensitive information via an invalid request, which reveals a Proxy-authorization string in an error message.', '2005-09-13 14:05:15.669384', '2005-09-13 14:05:15.669384', NULL, NULL, NULL, NULL, NULL);
12-INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, discoverer, cvss, discovered_by) VALUES (4, '2005-2731', 1, 'Directory traversal vulnerability in Astaro Security Linux 6.0, when using Webmin, allows remote authenticated webmin users to read arbitrary files via a .. (dot dot) in the wfe_download parameter to index.fpl.', '2005-09-13 14:05:15.91729', '2005-09-13 14:05:15.91729', NULL, NULL, NULL, NULL, NULL);
13-INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, discoverer, cvss, discovered_by) VALUES (5, '2005-2732', 1, 'AWStats 6.4, and possibly earlier versions, allows remote attackers to obtain sensitive information via a file that does not exist in the config parameter, which reveals the path in an error message.', '2005-09-13 14:05:15.992007', '2005-09-13 14:05:15.992007', NULL, NULL, NULL, NULL, NULL);
14-INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, discoverer, cvss, discovered_by) VALUES (6, '2005-2733', 1, 'upload_img_cgi.php in Simple PHP Blog (SPHPBlog) does not properly restrict file extensions of uploaded files, which could allow remote attackers to execute arbitrary code.', '2005-09-13 14:05:16.072418', '2005-09-13 14:05:16.072418', NULL, NULL, NULL, NULL, NULL);
15-INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, discoverer, cvss, discovered_by) VALUES (7, '2005-2734', 1, 'Cross-site scripting (XSS) vulnerability in Gallery 1.5.1-RC2 and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.', '2005-09-13 14:05:16.202393', '2005-09-13 14:05:16.202393', NULL, NULL, NULL, NULL, NULL);
16-INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, discoverer, cvss, discovered_by) VALUES (8, '2005-2735', 1, 'Cross-site scripting (XSS) vulnerability in phpGraphy 0.9.9a and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.', '2005-09-13 14:05:16.412226', '2005-09-13 14:05:16.412226', NULL, NULL, NULL, NULL, NULL);
17-INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, discoverer, cvss, discovered_by) VALUES (9, '2005-2736', 1, 'Cross-site scripting (XSS) vulnerability in YaPig 0.95 and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.', '2005-09-13 14:05:16.841572', '2005-09-13 14:05:16.841572', NULL, NULL, NULL, NULL, NULL);
18-INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, discoverer, cvss, discovered_by) VALUES (10, '2005-2737', 1, 'Cross-site scripting (XSS) vulnerability in PhotoPost PHP Pro 5.1 allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.', '2005-09-13 14:05:17.043865', '2005-09-13 14:05:17.043865', NULL, NULL, NULL, NULL, NULL);
19+INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, cvss, discovered_by) VALUES (1, '1999-8979', 2, 'Firefox crashes all the time', '2005-09-07 19:00:32.944561', '2005-09-13 14:00:03.508959', NULL, NULL, NULL, NULL);
20+INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, cvss, discovered_by) VALUES (2, '1999-2345', 1, 'Possible data loss', '2005-09-07 19:00:32.944561', '2005-09-13 14:00:03.513099', NULL, NULL, NULL, NULL);
21+INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, cvss, discovered_by) VALUES (3, '2005-2730', 1, 'The HTTP proxy in Astaro Security Linux 6.0 allows remote attackers to obtain sensitive information via an invalid request, which reveals a Proxy-authorization string in an error message.', '2005-09-13 14:05:15.669384', '2005-09-13 14:05:15.669384', NULL, NULL, NULL, NULL);
22+INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, cvss, discovered_by) VALUES (4, '2005-2731', 1, 'Directory traversal vulnerability in Astaro Security Linux 6.0, when using Webmin, allows remote authenticated webmin users to read arbitrary files via a .. (dot dot) in the wfe_download parameter to index.fpl.', '2005-09-13 14:05:15.91729', '2005-09-13 14:05:15.91729', NULL, NULL, NULL, NULL);
23+INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, cvss, discovered_by) VALUES (5, '2005-2732', 1, 'AWStats 6.4, and possibly earlier versions, allows remote attackers to obtain sensitive information via a file that does not exist in the config parameter, which reveals the path in an error message.', '2005-09-13 14:05:15.992007', '2005-09-13 14:05:15.992007', NULL, NULL, NULL, NULL);
24+INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, cvss, discovered_by) VALUES (6, '2005-2733', 1, 'upload_img_cgi.php in Simple PHP Blog (SPHPBlog) does not properly restrict file extensions of uploaded files, which could allow remote attackers to execute arbitrary code.', '2005-09-13 14:05:16.072418', '2005-09-13 14:05:16.072418', NULL, NULL, NULL, NULL);
25+INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, cvss, discovered_by) VALUES (7, '2005-2734', 1, 'Cross-site scripting (XSS) vulnerability in Gallery 1.5.1-RC2 and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.', '2005-09-13 14:05:16.202393', '2005-09-13 14:05:16.202393', NULL, NULL, NULL, NULL);
26+INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, cvss, discovered_by) VALUES (8, '2005-2735', 1, 'Cross-site scripting (XSS) vulnerability in phpGraphy 0.9.9a and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.', '2005-09-13 14:05:16.412226', '2005-09-13 14:05:16.412226', NULL, NULL, NULL, NULL);
27+INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, cvss, discovered_by) VALUES (9, '2005-2736', 1, 'Cross-site scripting (XSS) vulnerability in YaPig 0.95 and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.', '2005-09-13 14:05:16.841572', '2005-09-13 14:05:16.841572', NULL, NULL, NULL, NULL);
28+INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, cvss, discovered_by) VALUES (10, '2005-2737', 1, 'Cross-site scripting (XSS) vulnerability in PhotoPost PHP Pro 5.1 allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.', '2005-09-13 14:05:17.043865', '2005-09-13 14:05:17.043865', NULL, NULL, NULL, NULL);
29
30
31 ALTER TABLE public.cve ENABLE TRIGGER ALL;
32diff --git a/database/sampledata/current.sql b/database/sampledata/current.sql
33index 023e0ac..f1c680d 100644
34--- a/database/sampledata/current.sql
35+++ b/database/sampledata/current.sql
36@@ -1298,16 +1298,16 @@ ALTER TABLE public.bug ENABLE TRIGGER ALL;
37
38 ALTER TABLE public.cve DISABLE TRIGGER ALL;
39
40-INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, discoverer, cvss, discovered_by) VALUES (1, '1999-8979', 2, 'Firefox crashes all the time', '2005-09-07 19:00:32.944561', '2005-09-13 14:00:03.508959', NULL, NULL, NULL, NULL, NULL);
41-INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, discoverer, cvss, discovered_by) VALUES (2, '1999-2345', 1, 'Possible data loss', '2005-09-07 19:00:32.944561', '2005-09-13 14:00:03.513099', NULL, NULL, NULL, NULL, NULL);
42-INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, discoverer, cvss, discovered_by) VALUES (3, '2005-2730', 1, 'The HTTP proxy in Astaro Security Linux 6.0 allows remote attackers to obtain sensitive information via an invalid request, which reveals a Proxy-authorization string in an error message.', '2005-09-13 14:05:15.669384', '2005-09-13 14:05:15.669384', NULL, NULL, NULL, NULL, NULL);
43-INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, discoverer, cvss, discovered_by) VALUES (4, '2005-2731', 1, 'Directory traversal vulnerability in Astaro Security Linux 6.0, when using Webmin, allows remote authenticated webmin users to read arbitrary files via a .. (dot dot) in the wfe_download parameter to index.fpl.', '2005-09-13 14:05:15.91729', '2005-09-13 14:05:15.91729', NULL, NULL, NULL, NULL, NULL);
44-INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, discoverer, cvss, discovered_by) VALUES (5, '2005-2732', 1, 'AWStats 6.4, and possibly earlier versions, allows remote attackers to obtain sensitive information via a file that does not exist in the config parameter, which reveals the path in an error message.', '2005-09-13 14:05:15.992007', '2005-09-13 14:05:15.992007', NULL, NULL, NULL, NULL, NULL);
45-INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, discoverer, cvss, discovered_by) VALUES (6, '2005-2733', 1, 'upload_img_cgi.php in Simple PHP Blog (SPHPBlog) does not properly restrict file extensions of uploaded files, which could allow remote attackers to execute arbitrary code.', '2005-09-13 14:05:16.072418', '2005-09-13 14:05:16.072418', NULL, NULL, NULL, NULL, NULL);
46-INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, discoverer, cvss, discovered_by) VALUES (7, '2005-2734', 1, 'Cross-site scripting (XSS) vulnerability in Gallery 1.5.1-RC2 and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.', '2005-09-13 14:05:16.202393', '2005-09-13 14:05:16.202393', NULL, NULL, NULL, NULL, NULL);
47-INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, discoverer, cvss, discovered_by) VALUES (8, '2005-2735', 1, 'Cross-site scripting (XSS) vulnerability in phpGraphy 0.9.9a and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.', '2005-09-13 14:05:16.412226', '2005-09-13 14:05:16.412226', NULL, NULL, NULL, NULL, NULL);
48-INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, discoverer, cvss, discovered_by) VALUES (9, '2005-2736', 1, 'Cross-site scripting (XSS) vulnerability in YaPig 0.95 and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.', '2005-09-13 14:05:16.841572', '2005-09-13 14:05:16.841572', NULL, NULL, NULL, NULL, NULL);
49-INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, discoverer, cvss, discovered_by) VALUES (10, '2005-2737', 1, 'Cross-site scripting (XSS) vulnerability in PhotoPost PHP Pro 5.1 allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.', '2005-09-13 14:05:17.043865', '2005-09-13 14:05:17.043865', NULL, NULL, NULL, NULL, NULL);
50+INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, cvss, discovered_by) VALUES (1, '1999-8979', 2, 'Firefox crashes all the time', '2005-09-07 19:00:32.944561', '2005-09-13 14:00:03.508959', NULL, NULL, NULL, NULL);
51+INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, cvss, discovered_by) VALUES (2, '1999-2345', 1, 'Possible data loss', '2005-09-07 19:00:32.944561', '2005-09-13 14:00:03.513099', NULL, NULL, NULL, NULL);
52+INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, cvss, discovered_by) VALUES (3, '2005-2730', 1, 'The HTTP proxy in Astaro Security Linux 6.0 allows remote attackers to obtain sensitive information via an invalid request, which reveals a Proxy-authorization string in an error message.', '2005-09-13 14:05:15.669384', '2005-09-13 14:05:15.669384', NULL, NULL, NULL, NULL);
53+INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, cvss, discovered_by) VALUES (4, '2005-2731', 1, 'Directory traversal vulnerability in Astaro Security Linux 6.0, when using Webmin, allows remote authenticated webmin users to read arbitrary files via a .. (dot dot) in the wfe_download parameter to index.fpl.', '2005-09-13 14:05:15.91729', '2005-09-13 14:05:15.91729', NULL, NULL, NULL, NULL);
54+INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, cvss, discovered_by) VALUES (5, '2005-2732', 1, 'AWStats 6.4, and possibly earlier versions, allows remote attackers to obtain sensitive information via a file that does not exist in the config parameter, which reveals the path in an error message.', '2005-09-13 14:05:15.992007', '2005-09-13 14:05:15.992007', NULL, NULL, NULL, NULL);
55+INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, cvss, discovered_by) VALUES (6, '2005-2733', 1, 'upload_img_cgi.php in Simple PHP Blog (SPHPBlog) does not properly restrict file extensions of uploaded files, which could allow remote attackers to execute arbitrary code.', '2005-09-13 14:05:16.072418', '2005-09-13 14:05:16.072418', NULL, NULL, NULL, NULL);
56+INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, cvss, discovered_by) VALUES (7, '2005-2734', 1, 'Cross-site scripting (XSS) vulnerability in Gallery 1.5.1-RC2 and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.', '2005-09-13 14:05:16.202393', '2005-09-13 14:05:16.202393', NULL, NULL, NULL, NULL);
57+INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, cvss, discovered_by) VALUES (8, '2005-2735', 1, 'Cross-site scripting (XSS) vulnerability in phpGraphy 0.9.9a and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.', '2005-09-13 14:05:16.412226', '2005-09-13 14:05:16.412226', NULL, NULL, NULL, NULL);
58+INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, cvss, discovered_by) VALUES (9, '2005-2736', 1, 'Cross-site scripting (XSS) vulnerability in YaPig 0.95 and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.', '2005-09-13 14:05:16.841572', '2005-09-13 14:05:16.841572', NULL, NULL, NULL, NULL);
59+INSERT INTO public.cve (id, sequence, status, description, datecreated, datemodified, fti, date_made_public, cvss, discovered_by) VALUES (10, '2005-2737', 1, 'Cross-site scripting (XSS) vulnerability in PhotoPost PHP Pro 5.1 allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.', '2005-09-13 14:05:17.043865', '2005-09-13 14:05:17.043865', NULL, NULL, NULL, NULL);
60
61
62 ALTER TABLE public.cve ENABLE TRIGGER ALL;
63diff --git a/database/schema/patch-2211-09-0.sql b/database/schema/patch-2211-09-0.sql
64new file mode 100644
65index 0000000..819f866
66--- /dev/null
67+++ b/database/schema/patch-2211-09-0.sql
68@@ -0,0 +1,9 @@
69+-- Copyright 2022 Canonical Ltd. This software is licensed under the
70+-- GNU Affero General Public License version 3 (see the file LICENSE).
71+
72+SET client_min_messages=ERROR;
73+
74+ALTER TABLE Cve
75+ DROP COLUMN discoverer;
76+
77+INSERT INTO LaunchpadDatabaseRevision VALUES (2211, 09, 0);

Subscribers

People subscribed via source and target branches

to status/vote changes: