launchpad-reviewers team mailing list archive
-
launchpad-reviewers team
-
Mailing list archive
-
Message #21605
[Merge] lp:~cjwatson/launchpad/https-cve into lp:launchpad
Colin Watson has proposed merging lp:~cjwatson/launchpad/https-cve into lp:launchpad.
Commit message:
Switch to HTTPS for CVE references.
Requested reviews:
Launchpad code reviewers (launchpad-reviewers)
For more details, see:
https://code.launchpad.net/~cjwatson/launchpad/https-cve/+merge/324880
--
Your team Launchpad code reviewers is requested to review the proposed merge of lp:~cjwatson/launchpad/https-cve into lp:launchpad.
=== modified file 'lib/lp/bugs/doc/bug-change.txt'
--- lib/lp/bugs/doc/bug-change.txt 2015-10-06 06:48:01 +0000
+++ lib/lp/bugs/doc/bug-change.txt 2017-05-31 17:36:56 +0000
@@ -362,7 +362,7 @@
'whatchanged': 'cve linked'}
>>> print bug_cve_linked.getBugNotification()['text']
- ** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=1999-8979
+ ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-8979
And when a CVE is unlinked from a bug.
@@ -374,7 +374,7 @@
'whatchanged': 'cve unlinked'}
>>> print bug_cve_unlinked.getBugNotification()['text']
- ** CVE removed: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=1999-8979
+ ** CVE removed: https://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-8979
== BugAttachmentChange ==
=== modified file 'lib/lp/bugs/doc/bugnotifications.txt'
--- lib/lp/bugs/doc/bugnotifications.txt 2016-01-26 15:47:37 +0000
+++ lib/lp/bugs/doc/bugnotifications.txt 2017-05-31 17:36:56 +0000
@@ -293,7 +293,7 @@
>>> latest_notification.is_comment
False
>>> print latest_notification.message.text_contents
- ** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2004-0276
+ ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2004-0276
=== Expiring notifications ===
=== modified file 'lib/lp/bugs/doc/cve.txt'
--- lib/lp/bugs/doc/cve.txt 2015-10-21 03:46:31 +0000
+++ lib/lp/bugs/doc/cve.txt 2017-05-31 17:36:56 +0000
@@ -1,7 +1,7 @@
= Common Vulnerabilities and Exposures (CVE) =
Malone supports attaching CVE references to bugs. From
-http://www.cve.mitre.org/about/ CVE is:
+https://cve.mitre.org/about/ CVE is:
A list of standardized names for vulnerabilities and other
information security exposures - CVE aims to standardize the names
@@ -9,7 +9,7 @@
For more information, consult the CVE website:
- http://www.cve.mitre.org/
+ https://cve.mitre.org/
== CveSet ==
=== modified file 'lib/lp/bugs/model/cve.py'
--- lib/lp/bugs/model/cve.py 2016-08-09 10:43:45 +0000
+++ lib/lp/bugs/model/cve.py 2017-05-31 17:36:56 +0000
@@ -1,4 +1,4 @@
-# Copyright 2009-2016 Canonical Ltd. This software is licensed under the
+# Copyright 2009-2017 Canonical Ltd. This software is licensed under the
# GNU Affero General Public License version 3 (see the file LICENSE).
__metaclass__ = type
@@ -62,7 +62,7 @@
@property
def url(self):
"""See ICve."""
- return ('http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=%s'
+ return ('https://cve.mitre.org/cgi-bin/cvename.cgi?name=%s'
% self.sequence)
@property
=== modified file 'lib/lp/bugs/stories/webservice/xx-bug.txt'
--- lib/lp/bugs/stories/webservice/xx-bug.txt 2016-04-12 10:50:30 +0000
+++ lib/lp/bugs/stories/webservice/xx-bug.txt 2017-05-31 17:36:56 +0000
@@ -1837,7 +1837,7 @@
sequence: u'2005-2737'
status: u'Candidate'
title: u'CVE-2005-2737 (Candidate)'
- url: u'http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2005-2737'
+ url: u'https://cve.mitre.org/cgi-bin/cvename.cgi?name=2005-2737'
web_link: u'http://bugs.launchpad.dev/bugs/cve/2005-2737'
---
...
@@ -1875,7 +1875,7 @@
sequence: u'1999-8979'
status: u'Entry'
title: u'CVE-1999-8979 (Entry)'
- url: u'http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=1999-8979'
+ url: u'https://cve.mitre.org/cgi-bin/cvename.cgi?name=1999-8979'
web_link: u'http://bugs.launchpad.dev/bugs/cve/1999-8979'
---
=== modified file 'lib/lp/bugs/templates/cveset-portlet-details.pt'
--- lib/lp/bugs/templates/cveset-portlet-details.pt 2009-09-07 13:38:16 +0000
+++ lib/lp/bugs/templates/cveset-portlet-details.pt 2017-05-31 17:36:56 +0000
@@ -5,7 +5,7 @@
class="portlet" id="portlet-details">
<div>
Launchpad includes full support for
- <a href="http://cve.mitre.org/";>the CVE framework</a>.
+ <a href="https://cve.mitre.org/";>the CVE framework</a>.
We update the Launchpad CVE database daily to ensure it includes details of
all known vulnerabilities.
</div>
=== modified file 'lib/lp/bugs/tests/test_bugchanges.py'
--- lib/lp/bugs/tests/test_bugchanges.py 2016-07-28 10:48:49 +0000
+++ lib/lp/bugs/tests/test_bugchanges.py 2017-05-31 17:36:56 +0000
@@ -1,4 +1,4 @@
-# Copyright 2009-2016 Canonical Ltd. This software is licensed under the
+# Copyright 2009-2017 Canonical Ltd. This software is licensed under the
# GNU Affero General Public License version 3 (see the file LICENSE).
"""Tests for recording changes done to a bug."""
@@ -789,7 +789,7 @@
cve_linked_notification = {
'text': (
- '** CVE added: http://www.cve.mitre.org/'
+ '** CVE added: https://cve.mitre.org/'
'cgi-bin/cvename.cgi?name=1999-8979'),
'person': self.user,
}
@@ -820,7 +820,7 @@
cve_unlinked_notification = {
'text': (
- '** CVE removed: http://www.cve.mitre.org/'
+ '** CVE removed: https://cve.mitre.org/'
'cgi-bin/cvename.cgi?name=1999-8979'),
'person': self.user,
}
=== modified file 'lib/lp/registry/help/sharing.html'
--- lib/lp/registry/help/sharing.html 2012-07-19 03:18:37 +0000
+++ lib/lp/registry/help/sharing.html 2017-05-31 17:36:56 +0000
@@ -48,7 +48,7 @@
Visible if you're involved in fixing and deploying critical
vulnerability and exploits
(<a class="sprite external-link"
- href="http://cve.mitre.org/";>CVEs</a>). Embargo will be lifted
+ href="https://cve.mitre.org/";>CVEs</a>). Embargo will be lifted
after the fixes have been made, so that the information is visible
to anyone who may need to ensure that their version is secure.
</dd>
=== modified file 'lib/lp/services/config/schema-lazr.conf'
--- lib/lp/services/config/schema-lazr.conf 2017-05-26 12:26:41 +0000
+++ lib/lp/services/config/schema-lazr.conf 2017-05-31 17:36:56 +0000
@@ -488,7 +488,7 @@
dbuser: cve
# datatype: string
-cve_db_url: http://cve.mitre.org/cve/downloads/allitems.xml.gz
+cve_db_url: https://cve.mitre.org/data/downloads/allitems.xml.gz
[database]
Follow ups
