Merge lp:~wgrant/launchpad/db-cleanup-2016 into lp:launchpad/db-devel
- db-cleanup-2016
- Merge into db-devel
Proposed by
William Grant
| Status: | Merged |
|---|---|
| Merged at revision: | 13564 |
| Proposed branch: | lp:~wgrant/launchpad/db-cleanup-2016 |
| Merge into: | lp:launchpad/db-devel |
| Diff against target: |
426 lines (+81/-134) 5 files modified
database/sampledata/current-dev.sql (+27/-53) database/sampledata/current.sql (+26/-52) database/schema/comments.sql (+0/-15) database/schema/patch-2209-77-3.sql (+28/-0) database/schema/security.cfg (+0/-14) |
| To merge this branch: | bzr merge lp:~wgrant/launchpad/db-cleanup-2016 |
| Related bugs: |
| Reviewer | Review Type | Date Requested | Status |
|---|---|---|---|
| Colin Watson (community) | Approve | ||
|
Review via email:
|
|||
Commit message
Clean up old DB tables, views, and functions.
Description of the change
Clean up old DB tables, views, and functions.
To post a comment you must log in.
Revision history for this message
| Colin Watson (cjwatson) : | # |
review:
Approve
Preview Diff
[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
| 1 | === modified file 'database/sampledata/current-dev.sql' |
| 2 | --- database/sampledata/current-dev.sql 2016-09-07 22:29:27 +0000 |
| 3 | +++ database/sampledata/current-dev.sql 2016-10-05 10:15:11 +0000 |
| 4 | @@ -1,6 +1,6 @@ |
| 5 | -- Copyright 2010-2016 Canonical Ltd. This software is licensed under the |
| 6 | -- GNU Affero General Public License version 3 (see the file LICENSE). |
| 7 | --- Created using pg_dump (PostgreSQL) 9.3.12 |
| 8 | +-- Created using pg_dump (PostgreSQL) 9.3.5 |
| 9 | |
| 10 | SET check_function_bodies = false; |
| 11 | SET client_encoding = 'UTF8'; |
| 12 | @@ -2670,35 +2670,6 @@ |
| 13 | |
| 14 | |
| 15 | |
| 16 | -ALTER TABLE cve DISABLE TRIGGER ALL; |
| 17 | - |
| 18 | -INSERT INTO cve (id, sequence, status, description, datecreated, datemodified, fti) VALUES (1, '1999-8979', 2, 'Firefox crashes all the time', '2005-09-07 19:00:32.944561', '2005-09-13 14:00:03.508959', NULL); |
| 19 | -INSERT INTO cve (id, sequence, status, description, datecreated, datemodified, fti) VALUES (2, '1999-2345', 1, 'Possible data loss', '2005-09-07 19:00:32.944561', '2005-09-13 14:00:03.513099', NULL); |
| 20 | -INSERT INTO cve (id, sequence, status, description, datecreated, datemodified, fti) VALUES (3, '2005-2730', 1, 'The HTTP proxy in Astaro Security Linux 6.0 allows remote attackers to obtain sensitive information via an invalid request, which reveals a Proxy-authorization string in an error message.', '2005-09-13 14:05:15.669384', '2005-09-13 14:05:15.669384', NULL); |
| 21 | -INSERT INTO cve (id, sequence, status, description, datecreated, datemodified, fti) VALUES (4, '2005-2731', 1, 'Directory traversal vulnerability in Astaro Security Linux 6.0, when using Webmin, allows remote authenticated webmin users to read arbitrary files via a .. (dot dot) in the wfe_download parameter to index.fpl.', '2005-09-13 14:05:15.91729', '2005-09-13 14:05:15.91729', NULL); |
| 22 | -INSERT INTO cve (id, sequence, status, description, datecreated, datemodified, fti) VALUES (5, '2005-2732', 1, 'AWStats 6.4, and possibly earlier versions, allows remote attackers to obtain sensitive information via a file that does not exist in the config parameter, which reveals the path in an error message.', '2005-09-13 14:05:15.992007', '2005-09-13 14:05:15.992007', NULL); |
| 23 | -INSERT INTO cve (id, sequence, status, description, datecreated, datemodified, fti) VALUES (6, '2005-2733', 1, 'upload_img_cgi.php in Simple PHP Blog (SPHPBlog) does not properly restrict file extensions of uploaded files, which could allow remote attackers to execute arbitrary code.', '2005-09-13 14:05:16.072418', '2005-09-13 14:05:16.072418', NULL); |
| 24 | -INSERT INTO cve (id, sequence, status, description, datecreated, datemodified, fti) VALUES (7, '2005-2734', 1, 'Cross-site scripting (XSS) vulnerability in Gallery 1.5.1-RC2 and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.', '2005-09-13 14:05:16.202393', '2005-09-13 14:05:16.202393', NULL); |
| 25 | -INSERT INTO cve (id, sequence, status, description, datecreated, datemodified, fti) VALUES (8, '2005-2735', 1, 'Cross-site scripting (XSS) vulnerability in phpGraphy 0.9.9a and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.', '2005-09-13 14:05:16.412226', '2005-09-13 14:05:16.412226', NULL); |
| 26 | -INSERT INTO cve (id, sequence, status, description, datecreated, datemodified, fti) VALUES (9, '2005-2736', 1, 'Cross-site scripting (XSS) vulnerability in YaPig 0.95 and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.', '2005-09-13 14:05:16.841572', '2005-09-13 14:05:16.841572', NULL); |
| 27 | -INSERT INTO cve (id, sequence, status, description, datecreated, datemodified, fti) VALUES (10, '2005-2737', 1, 'Cross-site scripting (XSS) vulnerability in PhotoPost PHP Pro 5.1 allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.', '2005-09-13 14:05:17.043865', '2005-09-13 14:05:17.043865', NULL); |
| 28 | - |
| 29 | - |
| 30 | -ALTER TABLE cve ENABLE TRIGGER ALL; |
| 31 | - |
| 32 | - |
| 33 | -ALTER TABLE bugcve DISABLE TRIGGER ALL; |
| 34 | - |
| 35 | -INSERT INTO bugcve (id, bug, cve, date_created) VALUES (1, 1, 1, '2006-10-16 18:31:43.127783'); |
| 36 | -INSERT INTO bugcve (id, bug, cve, date_created) VALUES (2, 2, 2, '2006-10-16 18:31:43.128996'); |
| 37 | - |
| 38 | - |
| 39 | -ALTER TABLE bugcve ENABLE TRIGGER ALL; |
| 40 | - |
| 41 | - |
| 42 | - |
| 43 | - |
| 44 | - |
| 45 | ALTER TABLE bugwatch DISABLE TRIGGER ALL; |
| 46 | |
| 47 | INSERT INTO bugwatch (id, bug, bugtracker, remotebug, remotestatus, lastchanged, lastchecked, datecreated, owner, last_error_type, remote_importance, remote_lp_bug_id, next_check) VALUES (1, 2, 1, '42', 'FUBAR', '2004-09-24 20:58:04.740841', '2004-09-24 20:58:04.740841', '2004-09-24 20:58:04.740841', 12, NULL, 'BAZBAZ', NULL, NULL); |
| 48 | @@ -3183,8 +3154,8 @@ |
| 49 | |
| 50 | ALTER TABLE codeimport DISABLE TRIGGER ALL; |
| 51 | |
| 52 | -INSERT INTO codeimport (id, branch, date_created, registrant, rcs_type, cvs_root, cvs_module, review_status, date_last_successful, owner, assignee, update_interval, url) VALUES (1, 75, '2007-06-25 20:04:04.226605', 52, 2, NULL, NULL, 20, NULL, 52, NULL, NULL, 'http://svn.example.org/svnroot/gnome-terminal/trunk'); |
| 53 | -INSERT INTO codeimport (id, branch, date_created, registrant, rcs_type, cvs_root, cvs_module, review_status, date_last_successful, owner, assignee, update_interval, url) VALUES (2, 76, '2007-06-25 20:04:04.379285', 52, 1, ':pserver:anonymous@anoncvs.example.org:/cvs/gnome', 'evolution', 1, NULL, 52, NULL, NULL, NULL); |
| 54 | +INSERT INTO codeimport (id, branch, date_created, registrant, rcs_type, cvs_root, cvs_module, review_status, date_last_successful, owner, assignee, update_interval, url, git_repository) VALUES (1, 75, '2007-06-25 20:04:04.226605', 52, 2, NULL, NULL, 20, NULL, 52, NULL, NULL, 'http://svn.example.org/svnroot/gnome-terminal/trunk', NULL); |
| 55 | +INSERT INTO codeimport (id, branch, date_created, registrant, rcs_type, cvs_root, cvs_module, review_status, date_last_successful, owner, assignee, update_interval, url, git_repository) VALUES (2, 76, '2007-06-25 20:04:04.379285', 52, 1, ':pserver:anonymous@anoncvs.example.org:/cvs/gnome', 'evolution', 1, NULL, 52, NULL, NULL, NULL, NULL); |
| 56 | |
| 57 | |
| 58 | ALTER TABLE codeimport ENABLE TRIGGER ALL; |
| 59 | @@ -3348,6 +3319,23 @@ |
| 60 | |
| 61 | |
| 62 | |
| 63 | +ALTER TABLE cve DISABLE TRIGGER ALL; |
| 64 | + |
| 65 | +INSERT INTO cve (id, sequence, status, description, datecreated, datemodified, fti) VALUES (1, '1999-8979', 2, 'Firefox crashes all the time', '2005-09-07 19:00:32.944561', '2005-09-13 14:00:03.508959', NULL); |
| 66 | +INSERT INTO cve (id, sequence, status, description, datecreated, datemodified, fti) VALUES (2, '1999-2345', 1, 'Possible data loss', '2005-09-07 19:00:32.944561', '2005-09-13 14:00:03.513099', NULL); |
| 67 | +INSERT INTO cve (id, sequence, status, description, datecreated, datemodified, fti) VALUES (3, '2005-2730', 1, 'The HTTP proxy in Astaro Security Linux 6.0 allows remote attackers to obtain sensitive information via an invalid request, which reveals a Proxy-authorization string in an error message.', '2005-09-13 14:05:15.669384', '2005-09-13 14:05:15.669384', NULL); |
| 68 | +INSERT INTO cve (id, sequence, status, description, datecreated, datemodified, fti) VALUES (4, '2005-2731', 1, 'Directory traversal vulnerability in Astaro Security Linux 6.0, when using Webmin, allows remote authenticated webmin users to read arbitrary files via a .. (dot dot) in the wfe_download parameter to index.fpl.', '2005-09-13 14:05:15.91729', '2005-09-13 14:05:15.91729', NULL); |
| 69 | +INSERT INTO cve (id, sequence, status, description, datecreated, datemodified, fti) VALUES (5, '2005-2732', 1, 'AWStats 6.4, and possibly earlier versions, allows remote attackers to obtain sensitive information via a file that does not exist in the config parameter, which reveals the path in an error message.', '2005-09-13 14:05:15.992007', '2005-09-13 14:05:15.992007', NULL); |
| 70 | +INSERT INTO cve (id, sequence, status, description, datecreated, datemodified, fti) VALUES (6, '2005-2733', 1, 'upload_img_cgi.php in Simple PHP Blog (SPHPBlog) does not properly restrict file extensions of uploaded files, which could allow remote attackers to execute arbitrary code.', '2005-09-13 14:05:16.072418', '2005-09-13 14:05:16.072418', NULL); |
| 71 | +INSERT INTO cve (id, sequence, status, description, datecreated, datemodified, fti) VALUES (7, '2005-2734', 1, 'Cross-site scripting (XSS) vulnerability in Gallery 1.5.1-RC2 and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.', '2005-09-13 14:05:16.202393', '2005-09-13 14:05:16.202393', NULL); |
| 72 | +INSERT INTO cve (id, sequence, status, description, datecreated, datemodified, fti) VALUES (8, '2005-2735', 1, 'Cross-site scripting (XSS) vulnerability in phpGraphy 0.9.9a and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.', '2005-09-13 14:05:16.412226', '2005-09-13 14:05:16.412226', NULL); |
| 73 | +INSERT INTO cve (id, sequence, status, description, datecreated, datemodified, fti) VALUES (9, '2005-2736', 1, 'Cross-site scripting (XSS) vulnerability in YaPig 0.95 and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.', '2005-09-13 14:05:16.841572', '2005-09-13 14:05:16.841572', NULL); |
| 74 | +INSERT INTO cve (id, sequence, status, description, datecreated, datemodified, fti) VALUES (10, '2005-2737', 1, 'Cross-site scripting (XSS) vulnerability in PhotoPost PHP Pro 5.1 allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.', '2005-09-13 14:05:17.043865', '2005-09-13 14:05:17.043865', NULL); |
| 75 | + |
| 76 | + |
| 77 | +ALTER TABLE cve ENABLE TRIGGER ALL; |
| 78 | + |
| 79 | + |
| 80 | |
| 81 | |
| 82 | |
| 83 | @@ -9250,16 +9238,6 @@ |
| 84 | |
| 85 | |
| 86 | |
| 87 | -ALTER TABLE questionbug DISABLE TRIGGER ALL; |
| 88 | - |
| 89 | - |
| 90 | - |
| 91 | -ALTER TABLE questionbug ENABLE TRIGGER ALL; |
| 92 | - |
| 93 | - |
| 94 | - |
| 95 | - |
| 96 | - |
| 97 | ALTER TABLE questionjob DISABLE TRIGGER ALL; |
| 98 | |
| 99 | |
| 100 | @@ -9540,6 +9518,13 @@ |
| 101 | |
| 102 | |
| 103 | |
| 104 | +ALTER TABLE snapbuildjob DISABLE TRIGGER ALL; |
| 105 | + |
| 106 | + |
| 107 | + |
| 108 | +ALTER TABLE snapbuildjob ENABLE TRIGGER ALL; |
| 109 | + |
| 110 | + |
| 111 | ALTER TABLE snapfile DISABLE TRIGGER ALL; |
| 112 | |
| 113 | |
| 114 | @@ -9669,17 +9654,6 @@ |
| 115 | |
| 116 | |
| 117 | |
| 118 | -ALTER TABLE specificationbug DISABLE TRIGGER ALL; |
| 119 | - |
| 120 | -INSERT INTO specificationbug (id, specification, bug) VALUES (1, 3, 1); |
| 121 | - |
| 122 | - |
| 123 | -ALTER TABLE specificationbug ENABLE TRIGGER ALL; |
| 124 | - |
| 125 | - |
| 126 | - |
| 127 | - |
| 128 | - |
| 129 | ALTER TABLE specificationdependency DISABLE TRIGGER ALL; |
| 130 | |
| 131 | INSERT INTO specificationdependency (id, specification, dependency, date_created) VALUES (1, 4, 3, '2006-10-16 18:31:52.855436'); |
| 132 | |
| 133 | === modified file 'database/sampledata/current.sql' |
| 134 | --- database/sampledata/current.sql 2016-09-07 22:29:27 +0000 |
| 135 | +++ database/sampledata/current.sql 2016-10-05 10:15:11 +0000 |
| 136 | @@ -2602,35 +2602,6 @@ |
| 137 | |
| 138 | |
| 139 | |
| 140 | -ALTER TABLE cve DISABLE TRIGGER ALL; |
| 141 | - |
| 142 | -INSERT INTO cve (id, sequence, status, description, datecreated, datemodified, fti) VALUES (1, '1999-8979', 2, 'Firefox crashes all the time', '2005-09-07 19:00:32.944561', '2005-09-13 14:00:03.508959', NULL); |
| 143 | -INSERT INTO cve (id, sequence, status, description, datecreated, datemodified, fti) VALUES (2, '1999-2345', 1, 'Possible data loss', '2005-09-07 19:00:32.944561', '2005-09-13 14:00:03.513099', NULL); |
| 144 | -INSERT INTO cve (id, sequence, status, description, datecreated, datemodified, fti) VALUES (3, '2005-2730', 1, 'The HTTP proxy in Astaro Security Linux 6.0 allows remote attackers to obtain sensitive information via an invalid request, which reveals a Proxy-authorization string in an error message.', '2005-09-13 14:05:15.669384', '2005-09-13 14:05:15.669384', NULL); |
| 145 | -INSERT INTO cve (id, sequence, status, description, datecreated, datemodified, fti) VALUES (4, '2005-2731', 1, 'Directory traversal vulnerability in Astaro Security Linux 6.0, when using Webmin, allows remote authenticated webmin users to read arbitrary files via a .. (dot dot) in the wfe_download parameter to index.fpl.', '2005-09-13 14:05:15.91729', '2005-09-13 14:05:15.91729', NULL); |
| 146 | -INSERT INTO cve (id, sequence, status, description, datecreated, datemodified, fti) VALUES (5, '2005-2732', 1, 'AWStats 6.4, and possibly earlier versions, allows remote attackers to obtain sensitive information via a file that does not exist in the config parameter, which reveals the path in an error message.', '2005-09-13 14:05:15.992007', '2005-09-13 14:05:15.992007', NULL); |
| 147 | -INSERT INTO cve (id, sequence, status, description, datecreated, datemodified, fti) VALUES (6, '2005-2733', 1, 'upload_img_cgi.php in Simple PHP Blog (SPHPBlog) does not properly restrict file extensions of uploaded files, which could allow remote attackers to execute arbitrary code.', '2005-09-13 14:05:16.072418', '2005-09-13 14:05:16.072418', NULL); |
| 148 | -INSERT INTO cve (id, sequence, status, description, datecreated, datemodified, fti) VALUES (7, '2005-2734', 1, 'Cross-site scripting (XSS) vulnerability in Gallery 1.5.1-RC2 and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.', '2005-09-13 14:05:16.202393', '2005-09-13 14:05:16.202393', NULL); |
| 149 | -INSERT INTO cve (id, sequence, status, description, datecreated, datemodified, fti) VALUES (8, '2005-2735', 1, 'Cross-site scripting (XSS) vulnerability in phpGraphy 0.9.9a and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.', '2005-09-13 14:05:16.412226', '2005-09-13 14:05:16.412226', NULL); |
| 150 | -INSERT INTO cve (id, sequence, status, description, datecreated, datemodified, fti) VALUES (9, '2005-2736', 1, 'Cross-site scripting (XSS) vulnerability in YaPig 0.95 and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.', '2005-09-13 14:05:16.841572', '2005-09-13 14:05:16.841572', NULL); |
| 151 | -INSERT INTO cve (id, sequence, status, description, datecreated, datemodified, fti) VALUES (10, '2005-2737', 1, 'Cross-site scripting (XSS) vulnerability in PhotoPost PHP Pro 5.1 allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.', '2005-09-13 14:05:17.043865', '2005-09-13 14:05:17.043865', NULL); |
| 152 | - |
| 153 | - |
| 154 | -ALTER TABLE cve ENABLE TRIGGER ALL; |
| 155 | - |
| 156 | - |
| 157 | -ALTER TABLE bugcve DISABLE TRIGGER ALL; |
| 158 | - |
| 159 | -INSERT INTO bugcve (id, bug, cve, date_created) VALUES (1, 1, 1, '2006-10-16 18:31:43.127783'); |
| 160 | -INSERT INTO bugcve (id, bug, cve, date_created) VALUES (2, 2, 2, '2006-10-16 18:31:43.128996'); |
| 161 | - |
| 162 | - |
| 163 | -ALTER TABLE bugcve ENABLE TRIGGER ALL; |
| 164 | - |
| 165 | - |
| 166 | - |
| 167 | - |
| 168 | - |
| 169 | ALTER TABLE bugwatch DISABLE TRIGGER ALL; |
| 170 | |
| 171 | INSERT INTO bugwatch (id, bug, bugtracker, remotebug, remotestatus, lastchanged, lastchecked, datecreated, owner, last_error_type, remote_importance, remote_lp_bug_id, next_check) VALUES (1, 2, 1, '42', 'FUBAR', '2004-09-24 20:58:04.740841', '2004-09-24 20:58:04.740841', '2004-09-24 20:58:04.740841', 12, NULL, 'BAZBAZ', NULL, NULL); |
| 172 | @@ -3115,8 +3086,8 @@ |
| 173 | |
| 174 | ALTER TABLE codeimport DISABLE TRIGGER ALL; |
| 175 | |
| 176 | -INSERT INTO codeimport (id, branch, date_created, registrant, rcs_type, cvs_root, cvs_module, review_status, date_last_successful, owner, assignee, update_interval, url) VALUES (1, 75, '2007-06-25 20:04:04.226605', 52, 2, NULL, NULL, 20, NULL, 52, NULL, NULL, 'http://svn.example.org/svnroot/gnome-terminal/trunk'); |
| 177 | -INSERT INTO codeimport (id, branch, date_created, registrant, rcs_type, cvs_root, cvs_module, review_status, date_last_successful, owner, assignee, update_interval, url) VALUES (2, 76, '2007-06-25 20:04:04.379285', 52, 1, ':pserver:anonymous@anoncvs.example.org:/cvs/gnome', 'evolution', 1, NULL, 52, NULL, NULL, NULL); |
| 178 | +INSERT INTO codeimport (id, branch, date_created, registrant, rcs_type, cvs_root, cvs_module, review_status, date_last_successful, owner, assignee, update_interval, url, git_repository) VALUES (1, 75, '2007-06-25 20:04:04.226605', 52, 2, NULL, NULL, 20, NULL, 52, NULL, NULL, 'http://svn.example.org/svnroot/gnome-terminal/trunk', NULL); |
| 179 | +INSERT INTO codeimport (id, branch, date_created, registrant, rcs_type, cvs_root, cvs_module, review_status, date_last_successful, owner, assignee, update_interval, url, git_repository) VALUES (2, 76, '2007-06-25 20:04:04.379285', 52, 1, ':pserver:anonymous@anoncvs.example.org:/cvs/gnome', 'evolution', 1, NULL, 52, NULL, NULL, NULL, NULL); |
| 180 | |
| 181 | |
| 182 | ALTER TABLE codeimport ENABLE TRIGGER ALL; |
| 183 | @@ -3285,6 +3256,23 @@ |
| 184 | |
| 185 | |
| 186 | |
| 187 | +ALTER TABLE cve DISABLE TRIGGER ALL; |
| 188 | + |
| 189 | +INSERT INTO cve (id, sequence, status, description, datecreated, datemodified, fti) VALUES (1, '1999-8979', 2, 'Firefox crashes all the time', '2005-09-07 19:00:32.944561', '2005-09-13 14:00:03.508959', NULL); |
| 190 | +INSERT INTO cve (id, sequence, status, description, datecreated, datemodified, fti) VALUES (2, '1999-2345', 1, 'Possible data loss', '2005-09-07 19:00:32.944561', '2005-09-13 14:00:03.513099', NULL); |
| 191 | +INSERT INTO cve (id, sequence, status, description, datecreated, datemodified, fti) VALUES (3, '2005-2730', 1, 'The HTTP proxy in Astaro Security Linux 6.0 allows remote attackers to obtain sensitive information via an invalid request, which reveals a Proxy-authorization string in an error message.', '2005-09-13 14:05:15.669384', '2005-09-13 14:05:15.669384', NULL); |
| 192 | +INSERT INTO cve (id, sequence, status, description, datecreated, datemodified, fti) VALUES (4, '2005-2731', 1, 'Directory traversal vulnerability in Astaro Security Linux 6.0, when using Webmin, allows remote authenticated webmin users to read arbitrary files via a .. (dot dot) in the wfe_download parameter to index.fpl.', '2005-09-13 14:05:15.91729', '2005-09-13 14:05:15.91729', NULL); |
| 193 | +INSERT INTO cve (id, sequence, status, description, datecreated, datemodified, fti) VALUES (5, '2005-2732', 1, 'AWStats 6.4, and possibly earlier versions, allows remote attackers to obtain sensitive information via a file that does not exist in the config parameter, which reveals the path in an error message.', '2005-09-13 14:05:15.992007', '2005-09-13 14:05:15.992007', NULL); |
| 194 | +INSERT INTO cve (id, sequence, status, description, datecreated, datemodified, fti) VALUES (6, '2005-2733', 1, 'upload_img_cgi.php in Simple PHP Blog (SPHPBlog) does not properly restrict file extensions of uploaded files, which could allow remote attackers to execute arbitrary code.', '2005-09-13 14:05:16.072418', '2005-09-13 14:05:16.072418', NULL); |
| 195 | +INSERT INTO cve (id, sequence, status, description, datecreated, datemodified, fti) VALUES (7, '2005-2734', 1, 'Cross-site scripting (XSS) vulnerability in Gallery 1.5.1-RC2 and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.', '2005-09-13 14:05:16.202393', '2005-09-13 14:05:16.202393', NULL); |
| 196 | +INSERT INTO cve (id, sequence, status, description, datecreated, datemodified, fti) VALUES (8, '2005-2735', 1, 'Cross-site scripting (XSS) vulnerability in phpGraphy 0.9.9a and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.', '2005-09-13 14:05:16.412226', '2005-09-13 14:05:16.412226', NULL); |
| 197 | +INSERT INTO cve (id, sequence, status, description, datecreated, datemodified, fti) VALUES (9, '2005-2736', 1, 'Cross-site scripting (XSS) vulnerability in YaPig 0.95 and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.', '2005-09-13 14:05:16.841572', '2005-09-13 14:05:16.841572', NULL); |
| 198 | +INSERT INTO cve (id, sequence, status, description, datecreated, datemodified, fti) VALUES (10, '2005-2737', 1, 'Cross-site scripting (XSS) vulnerability in PhotoPost PHP Pro 5.1 allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.', '2005-09-13 14:05:17.043865', '2005-09-13 14:05:17.043865', NULL); |
| 199 | + |
| 200 | + |
| 201 | +ALTER TABLE cve ENABLE TRIGGER ALL; |
| 202 | + |
| 203 | + |
| 204 | |
| 205 | |
| 206 | |
| 207 | @@ -9162,16 +9150,6 @@ |
| 208 | |
| 209 | |
| 210 | |
| 211 | -ALTER TABLE questionbug DISABLE TRIGGER ALL; |
| 212 | - |
| 213 | - |
| 214 | - |
| 215 | -ALTER TABLE questionbug ENABLE TRIGGER ALL; |
| 216 | - |
| 217 | - |
| 218 | - |
| 219 | - |
| 220 | - |
| 221 | ALTER TABLE questionjob DISABLE TRIGGER ALL; |
| 222 | |
| 223 | |
| 224 | @@ -9452,6 +9430,13 @@ |
| 225 | |
| 226 | |
| 227 | |
| 228 | +ALTER TABLE snapbuildjob DISABLE TRIGGER ALL; |
| 229 | + |
| 230 | + |
| 231 | + |
| 232 | +ALTER TABLE snapbuildjob ENABLE TRIGGER ALL; |
| 233 | + |
| 234 | + |
| 235 | ALTER TABLE snapfile DISABLE TRIGGER ALL; |
| 236 | |
| 237 | |
| 238 | @@ -9581,17 +9566,6 @@ |
| 239 | |
| 240 | |
| 241 | |
| 242 | -ALTER TABLE specificationbug DISABLE TRIGGER ALL; |
| 243 | - |
| 244 | -INSERT INTO specificationbug (id, specification, bug) VALUES (1, 3, 1); |
| 245 | - |
| 246 | - |
| 247 | -ALTER TABLE specificationbug ENABLE TRIGGER ALL; |
| 248 | - |
| 249 | - |
| 250 | - |
| 251 | - |
| 252 | - |
| 253 | ALTER TABLE specificationdependency DISABLE TRIGGER ALL; |
| 254 | |
| 255 | INSERT INTO specificationdependency (id, specification, dependency, date_created) VALUES (1, 4, 3, '2006-10-16 18:31:52.855436'); |
| 256 | |
| 257 | === modified file 'database/schema/comments.sql' |
| 258 | --- database/schema/comments.sql 2016-07-07 19:15:37 +0000 |
| 259 | +++ database/schema/comments.sql 2016-10-05 10:15:11 +0000 |
| 260 | @@ -367,10 +367,6 @@ |
| 261 | COMMENT ON COLUMN BugTrackerComponentGroup.name IS 'The product or category name used in the remote bug tracker for grouping components.'; |
| 262 | COMMENT ON COLUMN BugTrackerComponentGroup.bug_tracker IS 'The external bug tracker this component group belongs to.'; |
| 263 | |
| 264 | --- BugCve |
| 265 | - |
| 266 | -COMMENT ON TABLE BugCve IS 'A table that records the link between a given malone bug number, and a CVE entry.'; |
| 267 | - |
| 268 | |
| 269 | -- BugWatch |
| 270 | |
| 271 | @@ -1008,10 +1004,6 @@ |
| 272 | COMMENT ON COLUMN Question.whiteboard IS 'A general status whiteboard. This is a scratch space to which arbitrary data can be added (there is only one constant whiteboard with no history). It is displayed at the top of the question. So its a useful way for projects to add their own semantics or metadata to the Answer Tracker.'; |
| 273 | COMMENT ON COLUMN Question.faq IS 'The FAQ document that contains the long answer to this question.'; |
| 274 | |
| 275 | --- QuestionBug |
| 276 | - |
| 277 | -COMMENT ON TABLE QuestionBug IS 'A link between a question and a bug, showing that the bug is somehow related to this question.'; |
| 278 | - |
| 279 | -- QuestionMessage |
| 280 | |
| 281 | COMMENT ON TABLE QuestionMessage IS 'A link between a question and a message. This means that the message will be displayed on the question page.'; |
| 282 | @@ -1337,10 +1329,6 @@ |
| 283 | COMMENT ON COLUMN MessageChunk.blob IS 'Binary content for this chunk of the message.'; |
| 284 | COMMENT ON COLUMN MessageChunk.sequence IS 'Order of a particular chunk. Chunks are orders in ascending order starting from 1.'; |
| 285 | |
| 286 | --- Comments on Lucille views |
| 287 | -COMMENT ON VIEW SourcePackageFilePublishing IS 'This view is used mostly by Lucille while performing publishing and unpublishing operations. It lists all the files associated with a sourcepackagerelease and collates all the textual representations needed for publishing components etc to allow rapid queries from SQLObject.'; |
| 288 | -COMMENT ON VIEW BinaryPackageFilePublishing IS 'This view is used mostly by Lucille while performing publishing and unpublishing operations. It lists all the files associated with a binarypackage and collates all the textual representations needed for publishing components etc to allow rapid queries from SQLObject.'; |
| 289 | - |
| 290 | -- SourcePackageRelease |
| 291 | |
| 292 | COMMENT ON TABLE SourcePackageRelease IS 'SourcePackageRelease: A source |
| 293 | @@ -1498,9 +1486,6 @@ |
| 294 | COMMENT ON COLUMN SpecificationBranch.branch IS 'The branch associated to the specification.'; |
| 295 | COMMENT ON COLUMN SpecificationBranch.registrant IS 'The person who linked the specification to the branch.'; |
| 296 | |
| 297 | --- SpecificationBug |
| 298 | -COMMENT ON TABLE SpecificationBug IS 'A table linking a specification and a bug. This is used to provide for easy navigation from bugs to related specs, and vice versa.'; |
| 299 | - |
| 300 | -- SpecificationSubscription |
| 301 | COMMENT ON TABLE SpecificationSubscription IS 'A table capturing a subscription of a person to a specification.'; |
| 302 | COMMENT ON COLUMN SpecificationSubscription.essential IS 'A field that indicates whether or not this person is essential to discussions on the planned feature. This is used by the meeting scheduler to ensure that all the essential people are at any automatically scheduled BOFs discussing that spec.'; |
| 303 | |
| 304 | === added file 'database/schema/patch-2209-77-3.sql' |
| 305 | --- database/schema/patch-2209-77-3.sql 1970-01-01 00:00:00 +0000 |
| 306 | +++ database/schema/patch-2209-77-3.sql 2016-10-05 10:15:11 +0000 |
| 307 | @@ -0,0 +1,28 @@ |
| 308 | +-- Copyright 2016 Canonical Ltd. This software is licensed under the |
| 309 | +-- GNU Affero General Public License version 3 (see the file LICENSE). |
| 310 | + |
| 311 | +SET client_min_messages=ERROR; |
| 312 | + |
| 313 | +DROP FUNCTION generate_openid_identifier(); |
| 314 | +DROP FUNCTION set_openid_identifier(); |
| 315 | +DROP FUNCTION set_shipit_normalized_address(); |
| 316 | +DROP FUNCTION is_printable_ascii(text); |
| 317 | +DROP FUNCTION is_person(text); |
| 318 | + |
| 319 | +-- Unused since r5499. |
| 320 | +DROP FUNCTION is_team(integer); |
| 321 | +DROP FUNCTION is_team(text); |
| 322 | + |
| 323 | +-- Unused since r9019. |
| 324 | +DROP VIEW potexport; |
| 325 | + |
| 326 | +-- Unused since r18209. |
| 327 | +DROP VIEW binarypackagefilepublishing; |
| 328 | +DROP VIEW sourcepackagefilepublishing; |
| 329 | + |
| 330 | +-- Unused since r17805. |
| 331 | +DROP TABLE bugcve; |
| 332 | +DROP TABLE questionbug; |
| 333 | +DROP TABLE specificationbug; |
| 334 | + |
| 335 | +INSERT INTO LaunchpadDatabaseRevision VALUES (2209, 77, 3); |
| 336 | |
| 337 | === modified file 'database/schema/security.cfg' |
| 338 | --- database/schema/security.cfg 2016-10-02 00:33:51 +0000 |
| 339 | +++ database/schema/security.cfg 2016-10-05 10:15:11 +0000 |
| 340 | @@ -45,14 +45,9 @@ |
| 341 | public.fticache = |
| 342 | public.ftq(text) = EXECUTE |
| 343 | public._ftq(text) = EXECUTE |
| 344 | -public.generate_openid_identifier() = EXECUTE |
| 345 | public.getlocalnodeid() = EXECUTE |
| 346 | public.gitrepository_denorm_access(integer) = EXECUTE |
| 347 | public.is_blacklisted_name(text, integer) = EXECUTE |
| 348 | -public.is_person(text) = EXECUTE |
| 349 | -public.is_printable_ascii(text) = EXECUTE |
| 350 | -public.is_team(integer) = EXECUTE |
| 351 | -public.is_team(text) = EXECUTE |
| 352 | public.latestdatabasediskutilization = |
| 353 | public.launchpaddatabaserevision = SELECT |
| 354 | public.launchpaddatabaseupdatelog = SELECT |
| 355 | @@ -268,7 +263,6 @@ |
| 356 | public.pofiletranslator = SELECT |
| 357 | public.poll = SELECT, INSERT, UPDATE |
| 358 | public.polloption = SELECT, INSERT, UPDATE, DELETE |
| 359 | -public.potexport = SELECT |
| 360 | public.previewdiff = SELECT, INSERT, UPDATE, DELETE |
| 361 | public.processacceptedbugsjob = SELECT, INSERT, UPDATE, DELETE |
| 362 | public.productjob = SELECT, INSERT, UPDATE, DELETE |
| 363 | @@ -545,7 +539,6 @@ |
| 364 | public.pofiletranslator = SELECT |
| 365 | public.pomsgid = SELECT |
| 366 | public.potemplate = SELECT |
| 367 | -public.potexport = SELECT |
| 368 | public.potmsgset = SELECT |
| 369 | public.potranslation = SELECT |
| 370 | public.product = SELECT |
| 371 | @@ -573,7 +566,6 @@ |
| 372 | public.pofiletranslator = SELECT |
| 373 | public.pomsgid = SELECT |
| 374 | public.potemplate = SELECT |
| 375 | -public.potexport = SELECT |
| 376 | public.potmsgset = SELECT |
| 377 | public.potranslation = SELECT |
| 378 | public.product = SELECT |
| 379 | @@ -1195,7 +1187,6 @@ |
| 380 | public.archivejob = SELECT, INSERT |
| 381 | public.binarypackagebuild = SELECT, INSERT, UPDATE |
| 382 | public.binarypackagefile = SELECT, INSERT, UPDATE |
| 383 | -public.binarypackagefilepublishing = SELECT, INSERT, UPDATE |
| 384 | public.binarypackagename = SELECT, INSERT, UPDATE |
| 385 | public.binarypackagepublishinghistory = SELECT, INSERT, UPDATE, DELETE |
| 386 | public.binarypackagerelease = SELECT, INSERT, UPDATE |
| 387 | @@ -1270,7 +1261,6 @@ |
| 388 | public.section = SELECT, INSERT, UPDATE |
| 389 | public.sectionselection = SELECT, INSERT, UPDATE |
| 390 | public.signedcodeofconduct = SELECT, INSERT, UPDATE |
| 391 | -public.sourcepackagefilepublishing = SELECT, INSERT, UPDATE |
| 392 | public.sourcepackageformatselection = SELECT, INSERT |
| 393 | public.sourcepackagename = SELECT, INSERT, UPDATE |
| 394 | public.sourcepackagepublishinghistory = SELECT, INSERT, UPDATE |
| 395 | @@ -1366,7 +1356,6 @@ |
| 396 | public.archivepermission = SELECT |
| 397 | public.binarypackagebuild = SELECT, INSERT, UPDATE |
| 398 | public.binarypackagefile = SELECT, INSERT |
| 399 | -public.binarypackagefilepublishing = SELECT |
| 400 | public.binarypackagename = SELECT, INSERT |
| 401 | public.binarypackagepublishinghistory = SELECT |
| 402 | public.binarypackagerelease = SELECT, INSERT |
| 403 | @@ -1453,7 +1442,6 @@ |
| 404 | public.snapbuildjob = SELECT, INSERT, UPDATE |
| 405 | public.snapfile = SELECT, INSERT, UPDATE |
| 406 | public.snappyseries = SELECT |
| 407 | -public.sourcepackagefilepublishing = SELECT |
| 408 | public.sourcepackageformatselection = SELECT |
| 409 | public.sourcepackagename = SELECT, INSERT |
| 410 | public.sourcepackagepublishinghistory = SELECT, INSERT |
| 411 | @@ -1484,7 +1472,6 @@ |
| 412 | public.archivepermission = SELECT |
| 413 | public.binarypackagebuild = SELECT, INSERT, UPDATE |
| 414 | public.binarypackagefile = SELECT, UPDATE |
| 415 | -public.binarypackagefilepublishing = SELECT |
| 416 | public.binarypackagename = SELECT |
| 417 | public.binarypackagepublishinghistory = SELECT, INSERT, UPDATE |
| 418 | public.binarypackagerelease = SELECT, UPDATE |
| 419 | @@ -1568,7 +1555,6 @@ |
| 420 | public.sharingjob = SELECT, INSERT, UPDATE |
| 421 | public.snapbuild = SELECT |
| 422 | public.snapfile = SELECT, UPDATE |
| 423 | -public.sourcepackagefilepublishing = SELECT |
| 424 | public.sourcepackagename = SELECT |
| 425 | public.sourcepackagepublishinghistory = SELECT, INSERT, UPDATE |
| 426 | public.sourcepackagerecipebuild = SELECT |
