From 53c9368743875a2a37037c59913defae91240c52 Mon Sep 17 00:00:00 2001 From: Jean-Marie RENOUARD Date: Wed, 22 Mar 2023 15:44:34 +0100 Subject: [PATCH 01/16] Bunch of GitHub actions --- .../{exec.yml => generate_examples.yml} | 18 +----- .github/workflows/pull_request.yml | 58 +++++++++++++++++++ .github/workflows/update_cve_and_docs.yml | 40 +++++++++++++ 3 files changed, 100 insertions(+), 16 deletions(-) rename .github/workflows/{exec.yml => generate_examples.yml} (79%) create mode 100644 .github/workflows/pull_request.yml create mode 100644 .github/workflows/update_cve_and_docs.yml diff --git a/.github/workflows/exec.yml b/.github/workflows/generate_examples.yml similarity index 79% rename from .github/workflows/exec.yml rename to .github/workflows/generate_examples.yml index 632a796..c407505 100644 --- a/.github/workflows/exec.yml +++ b/.github/workflows/generate_examples.yml @@ -1,15 +1,9 @@ # This is a basic workflow to help you get started with Actions -name: CI for MySQL Tuner +name: Adding examples for MySQL Tuner execution # Controls when the workflow will run on: - # Triggers the workflow on push or pull request events but only for the master branch - push: - branches: [ master ] - pull_request: - branches: [ master ] - # Allows you to run this workflow manually from the Actions tab workflow_dispatch: @@ -50,14 +44,6 @@ jobs: cd - rm -rf test_db # Runs a single command using the runners shell - - name: Run help mode - run: perl ./mysqltuner.pl --help - - # Runs a single command using the runners shell - - name: Run verbose mode - run: sudo perl ./mysqltuner.pl --user=root --pass=root --protocol tcp --verbose - - # Runs a single command using the runners shell - name: Run verbose mode with dumpdir result run: | mkdir -p ./examples/github/result @@ -69,5 +55,5 @@ jobs: git config --global user.name "Jean-Marie Renouard" git config --global user.email "jmrenouard@gmail.com" git add . - git commit -m "Commit example result" + git commit -m "Commit example result for Actions" git push \ No newline at end of file diff --git a/.github/workflows/pull_request.yml b/.github/workflows/pull_request.yml new file mode 100644 index 0000000..480f79a --- /dev/null +++ b/.github/workflows/pull_request.yml @@ -0,0 +1,58 @@ +# This is a basic workflow to help you get started with Actions + +name: CI for MySQL Tuner + +# Controls when the workflow will run +on: + # Triggers the workflow on push or pull request events but only for the master branch + push: + branches: [ master ] + pull_request: + branches: [ master ] + + # Allows you to run this workflow manually from the Actions tab + workflow_dispatch: + +# A workflow run is made up of one or more jobs that can run sequentially or in parallel +jobs: + # This workflow contains a single job called "build" + build: + # The type of runner that the job will run on + runs-on: ubuntu-latest + + # Steps represent a sequence of tasks that will be executed as part of the job + steps: + # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it + - name: Setup MySQL Tuner repository + uses: actions/checkout@v3 + + - name: Set up MySQL + uses: mirromutth/mysql-action@v1.1 + with: + mysql root password: "root" + mysql version: "8.0" + - name: Injecting credentials + run: | + echo -e "[client]\nuser=root\npassword=root\nhost=127.0.0.1\nprotocol=TCP" > $HOME/.my.cnf + + - name: Cloning test_db dataset + run: | + git clone https://github.com/datacharmer/test_db.git + + - name: Injecting test_db dataset + run: | + sleep 5s + cd test_db + netstat -ltpn + mysql -e 'select version();' + mysql -e 'CREATE DATABASE data;' + mysql data< ./employees.sql + cd - + rm -rf test_db + # Runs a single command using the runners shell + - name: Run help mode + run: perl ./mysqltuner.pl --help + + # Runs a single command using the runners shell + - name: Run verbose mode + run: sudo perl ./mysqltuner.pl --user=root --pass=root --protocol tcp --verbose diff --git a/.github/workflows/update_cve_and_docs.yml b/.github/workflows/update_cve_and_docs.yml new file mode 100644 index 0000000..2e1dc3a --- /dev/null +++ b/.github/workflows/update_cve_and_docs.yml @@ -0,0 +1,40 @@ +# This is a basic workflow to help you get started with Actions + +name: Adding examples for MySQL Tuner execution + +# Controls when the workflow will run +on: + # Allows you to run this workflow manually from the Actions tab + workflow_dispatch: + +# A workflow run is made up of one or more jobs that can run sequentially or in parallel +jobs: + # This workflow contains a single job called "build" + build: + # The type of runner that the job will run on + runs-on: ubuntu-latest + + # Steps represent a sequence of tasks that will be executed as part of the job + steps: + # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it + - name: Setup MySQL Tuner repository + uses: actions/checkout@v3 + + - name: Install dependencies + run: | + sudo apt-get update + bash ./build/installStaff.sh + + - name: Update CVE and docs + run: | + sudo apt-get update + bash ./build/updateStaff.sh + + # Runs a single command using the runners shell + - name: Commit example result to repo + run: | + git config --global user.name "Jean-Marie Renouard" + git config --global user.email "jmrenouard@gmail.com" + git add . + git commit -m "Updates CVE and docs (via Actions) - $(date +'%Y-%m-%d')" + git push \ No newline at end of file From a04e862f02618adb7f41e9cce4c8722f9748ea3f Mon Sep 17 00:00:00 2001 From: Jean-Marie RENOUARD Date: Wed, 22 Mar 2023 15:49:48 +0100 Subject: [PATCH 02/16] fix: renaming action update_cvs_and_docs --- .github/workflows/update_cve_and_docs.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.github/workflows/update_cve_and_docs.yml b/.github/workflows/update_cve_and_docs.yml index 2e1dc3a..8aea41d 100644 --- a/.github/workflows/update_cve_and_docs.yml +++ b/.github/workflows/update_cve_and_docs.yml @@ -1,6 +1,6 @@ # This is a basic workflow to help you get started with Actions -name: Adding examples for MySQL Tuner execution +name: Update CVE informations and general docs # Controls when the workflow will run on: @@ -22,12 +22,10 @@ jobs: - name: Install dependencies run: | - sudo apt-get update bash ./build/installStaff.sh - name: Update CVE and docs run: | - sudo apt-get update bash ./build/updateStaff.sh # Runs a single command using the runners shell From 54c963d6b944f26631ee59b2d1b5bc818f3414c7 Mon Sep 17 00:00:00 2001 From: Jean-Marie RENOUARD Date: Wed, 22 Mar 2023 15:50:39 +0100 Subject: [PATCH 03/16] fix: renaming action adding examples --- .github/workflows/generate_examples.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/generate_examples.yml b/.github/workflows/generate_examples.yml index c407505..8c5cf4b 100644 --- a/.github/workflows/generate_examples.yml +++ b/.github/workflows/generate_examples.yml @@ -1,6 +1,6 @@ # This is a basic workflow to help you get started with Actions -name: Adding examples for MySQL Tuner execution +name: Adding examples from MySQL Tuner execution # Controls when the workflow will run on: From c0ebc46b4c605e73f181c4a31b89e37974cc8a10 Mon Sep 17 00:00:00 2001 From: Jean-Marie RENOUARD Date: Wed, 22 Mar 2023 15:54:59 +0100 Subject: [PATCH 04/16] fix: exec levels and action naming --- .github/workflows/generate_examples.yml | 2 +- .github/workflows/update_cve_and_docs.yml | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/generate_examples.yml b/.github/workflows/generate_examples.yml index 8c5cf4b..4c0c001 100644 --- a/.github/workflows/generate_examples.yml +++ b/.github/workflows/generate_examples.yml @@ -1,6 +1,6 @@ # This is a basic workflow to help you get started with Actions -name: Adding examples from MySQL Tuner execution +name: Compile MT examples # Controls when the workflow will run on: diff --git a/.github/workflows/update_cve_and_docs.yml b/.github/workflows/update_cve_and_docs.yml index 8aea41d..ac2b190 100644 --- a/.github/workflows/update_cve_and_docs.yml +++ b/.github/workflows/update_cve_and_docs.yml @@ -1,6 +1,6 @@ # This is a basic workflow to help you get started with Actions -name: Update CVE informations and general docs +name: CVE and Docs update # Controls when the workflow will run on: @@ -22,14 +22,14 @@ jobs: - name: Install dependencies run: | - bash ./build/installStaff.sh + sudo bash ./build/installStaff.sh - name: Update CVE and docs run: | - bash ./build/updateStaff.sh + sudo bash ./build/updateStaff.sh # Runs a single command using the runners shell - - name: Commit example result to repo + - name: Commit CVE result to repo run: | git config --global user.name "Jean-Marie Renouard" git config --global user.email "jmrenouard@gmail.com" From a41b68be4fd890969e88867cb6b2d4d0ac400292 Mon Sep 17 00:00:00 2001 From: Jean-Marie RENOUARD Date: Wed, 22 Mar 2023 15:57:43 +0100 Subject: [PATCH 05/16] fix: cwd is incorrect --- .github/workflows/update_cve_and_docs.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/update_cve_and_docs.yml b/.github/workflows/update_cve_and_docs.yml index ac2b190..64de9dc 100644 --- a/.github/workflows/update_cve_and_docs.yml +++ b/.github/workflows/update_cve_and_docs.yml @@ -22,10 +22,12 @@ jobs: - name: Install dependencies run: | + cd build sudo bash ./build/installStaff.sh - name: Update CVE and docs run: | + cd build sudo bash ./build/updateStaff.sh # Runs a single command using the runners shell From c09af858d5fe04893fd843d8c202cd4dfe2c64d5 Mon Sep 17 00:00:00 2001 From: Jean-Marie RENOUARD Date: Wed, 22 Mar 2023 15:59:43 +0100 Subject: [PATCH 06/16] fix: cwd is incorrect for generation part --- .github/workflows/update_cve_and_docs.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/update_cve_and_docs.yml b/.github/workflows/update_cve_and_docs.yml index 64de9dc..24fcb19 100644 --- a/.github/workflows/update_cve_and_docs.yml +++ b/.github/workflows/update_cve_and_docs.yml @@ -27,7 +27,6 @@ jobs: - name: Update CVE and docs run: | - cd build sudo bash ./build/updateStaff.sh # Runs a single command using the runners shell From b870af9dd34ecf1a631b3e8bbfa63ae2afac86ce Mon Sep 17 00:00:00 2001 From: Jean-Marie RENOUARD Date: Wed, 22 Mar 2023 16:02:49 +0100 Subject: [PATCH 07/16] fix: cwd is incorrect - again --- .github/workflows/update_cve_and_docs.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/update_cve_and_docs.yml b/.github/workflows/update_cve_and_docs.yml index 24fcb19..fc3fc69 100644 --- a/.github/workflows/update_cve_and_docs.yml +++ b/.github/workflows/update_cve_and_docs.yml @@ -23,10 +23,11 @@ jobs: - name: Install dependencies run: | cd build - sudo bash ./build/installStaff.sh + sudo bash ./installStaff.sh - name: Update CVE and docs run: | + cd .. sudo bash ./build/updateStaff.sh # Runs a single command using the runners shell From 26bbb196a83a183712c1f8efb03197ef177825d0 Mon Sep 17 00:00:00 2001 From: Jean-Marie RENOUARD Date: Wed, 22 Mar 2023 16:07:32 +0100 Subject: [PATCH 08/16] fix: cwd is incorrect - adding debug info --- .github/workflows/update_cve_and_docs.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/update_cve_and_docs.yml b/.github/workflows/update_cve_and_docs.yml index fc3fc69..93bd82f 100644 --- a/.github/workflows/update_cve_and_docs.yml +++ b/.github/workflows/update_cve_and_docs.yml @@ -22,12 +22,14 @@ jobs: - name: Install dependencies run: | + pwd cd build + pwd sudo bash ./installStaff.sh - name: Update CVE and docs run: | - cd .. + pwd sudo bash ./build/updateStaff.sh # Runs a single command using the runners shell From 30982454d9a8126269542db5d4440d873a373c74 Mon Sep 17 00:00:00 2001 From: Jean-Marie RENOUARD Date: Wed, 22 Mar 2023 16:10:49 +0100 Subject: [PATCH 09/16] fix: cwd is incorrect - adding debug info 2 --- .github/workflows/generate_examples.yml | 2 +- .github/workflows/pull_request.yml | 18 ------------------ 2 files changed, 1 insertion(+), 19 deletions(-) diff --git a/.github/workflows/generate_examples.yml b/.github/workflows/generate_examples.yml index 4c0c001..96f4eee 100644 --- a/.github/workflows/generate_examples.yml +++ b/.github/workflows/generate_examples.yml @@ -55,5 +55,5 @@ jobs: git config --global user.name "Jean-Marie Renouard" git config --global user.email "jmrenouard@gmail.com" git add . - git commit -m "Commit example result for Actions" + git commit -m "Commit example result for employees database for Actions" git push \ No newline at end of file diff --git a/.github/workflows/pull_request.yml b/.github/workflows/pull_request.yml index 480f79a..f872713 100644 --- a/.github/workflows/pull_request.yml +++ b/.github/workflows/pull_request.yml @@ -31,25 +31,7 @@ jobs: with: mysql root password: "root" mysql version: "8.0" - - name: Injecting credentials - run: | - echo -e "[client]\nuser=root\npassword=root\nhost=127.0.0.1\nprotocol=TCP" > $HOME/.my.cnf - - - name: Cloning test_db dataset - run: | - git clone https://github.com/datacharmer/test_db.git - - name: Injecting test_db dataset - run: | - sleep 5s - cd test_db - netstat -ltpn - mysql -e 'select version();' - mysql -e 'CREATE DATABASE data;' - mysql data< ./employees.sql - cd - - rm -rf test_db - # Runs a single command using the runners shell - name: Run help mode run: perl ./mysqltuner.pl --help From 58a01544b1b2b12e36a323da34b0040874d92db9 Mon Sep 17 00:00:00 2001 From: Jean-Marie RENOUARD Date: Wed, 22 Mar 2023 16:11:24 +0100 Subject: [PATCH 10/16] feat: adding more advanced tests --- .github/workflows/run_mt_with_db.yml | 52 ++++++++++++++++++++++++++++ 1 file changed, 52 insertions(+) create mode 100644 .github/workflows/run_mt_with_db.yml diff --git a/.github/workflows/run_mt_with_db.yml b/.github/workflows/run_mt_with_db.yml new file mode 100644 index 0000000..f6a556f --- /dev/null +++ b/.github/workflows/run_mt_with_db.yml @@ -0,0 +1,52 @@ +# This is a basic workflow to help you get started with Actions + +name: Test with databases + +# Controls when the workflow will run +on: + # Allows you to run this workflow manually from the Actions tab + workflow_dispatch: + +# A workflow run is made up of one or more jobs that can run sequentially or in parallel +jobs: + # This workflow contains a single job called "build" + build: + # The type of runner that the job will run on + runs-on: ubuntu-latest + + # Steps represent a sequence of tasks that will be executed as part of the job + steps: + # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it + - name: Setup MySQL Tuner repository + uses: actions/checkout@v3 + + - name: Set up MySQL + uses: mirromutth/mysql-action@v1.1 + with: + mysql root password: "root" + mysql version: "8.0" + - name: Injecting credentials + run: | + echo -e "[client]\nuser=root\npassword=root\nhost=127.0.0.1\nprotocol=TCP" > $HOME/.my.cnf + + - name: Cloning test_db dataset + run: | + git clone https://github.com/datacharmer/test_db.git + + - name: Injecting test_db dataset + run: | + sleep 5s + cd test_db + netstat -ltpn + mysql -e 'select version();' + mysql -e 'CREATE DATABASE data;' + mysql data< ./employees.sql + cd - + rm -rf test_db + # Runs a single command using the runners shell + - name: Run help mode + run: perl ./mysqltuner.pl --help + + # Runs a single command using the runners shell + - name: Run verbose mode + run: sudo perl ./mysqltuner.pl --user=root --pass=root --protocol tcp --verbose From 0ea8e42ab7813199c3a98affab8d4b208a2275b7 Mon Sep 17 00:00:00 2001 From: Jean-Marie RENOUARD Date: Wed, 22 Mar 2023 16:13:45 +0100 Subject: [PATCH 11/16] fix: adding timer waiting mysql start --- .github/workflows/pull_request.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/pull_request.yml b/.github/workflows/pull_request.yml index f872713..5519c37 100644 --- a/.github/workflows/pull_request.yml +++ b/.github/workflows/pull_request.yml @@ -33,7 +33,9 @@ jobs: mysql version: "8.0" - name: Run help mode - run: perl ./mysqltuner.pl --help + run: | + sleep 20s + sudo perl ./mysqltuner.pl --help # Runs a single command using the runners shell - name: Run verbose mode From ac76b78f394cf07063f3f708717300859c61fbdc Mon Sep 17 00:00:00 2001 From: Jean-Marie RENOUARD Date: Wed, 22 Mar 2023 16:17:32 +0100 Subject: [PATCH 12/16] fix: adding cd to good directory --- .github/workflows/update_cve_and_docs.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/update_cve_and_docs.yml b/.github/workflows/update_cve_and_docs.yml index 93bd82f..cb368b5 100644 --- a/.github/workflows/update_cve_and_docs.yml +++ b/.github/workflows/update_cve_and_docs.yml @@ -29,6 +29,8 @@ jobs: - name: Update CVE and docs run: | + pwd + cd .. pwd sudo bash ./build/updateStaff.sh From 3a68d793fdd17df592091f6a12e21085a727c287 Mon Sep 17 00:00:00 2001 From: Jean-Marie RENOUARD Date: Wed, 22 Mar 2023 16:21:09 +0100 Subject: [PATCH 13/16] fix: adding cd to good directory for update part --- .github/workflows/update_cve_and_docs.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/update_cve_and_docs.yml b/.github/workflows/update_cve_and_docs.yml index cb368b5..c5ce141 100644 --- a/.github/workflows/update_cve_and_docs.yml +++ b/.github/workflows/update_cve_and_docs.yml @@ -30,9 +30,9 @@ jobs: - name: Update CVE and docs run: | pwd - cd .. + cd ./build pwd - sudo bash ./build/updateStaff.sh + sudo bash ./updateStaff.sh # Runs a single command using the runners shell - name: Commit CVE result to repo From 701057d7ad34410a2dac21f4a15401b9c66275bf Mon Sep 17 00:00:00 2001 From: Jean-Marie RENOUARD Date: Wed, 22 Mar 2023 16:24:49 +0100 Subject: [PATCH 14/16] fix: Adding last fix --- .github/workflows/update_cve_and_docs.yml | 1 + build/updateStaff.sh | 6 +++--- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/update_cve_and_docs.yml b/.github/workflows/update_cve_and_docs.yml index c5ce141..ef40c53 100644 --- a/.github/workflows/update_cve_and_docs.yml +++ b/.github/workflows/update_cve_and_docs.yml @@ -37,6 +37,7 @@ jobs: # Runs a single command using the runners shell - name: Commit CVE result to repo run: | + pwd git config --global user.name "Jean-Marie Renouard" git config --global user.email "jmrenouard@gmail.com" git add . diff --git a/build/updateStaff.sh b/build/updateStaff.sh index 4dd4761..26cac01 100644 --- a/build/updateStaff.sh +++ b/build/updateStaff.sh @@ -10,6 +10,6 @@ echo "* Update CVE list" perl updateCVElist.pl dos2unix ../mysqltuner.pl git add ../vulnerabilities.csv ../mysqltuner.pl ../USAGE.md -git commit -m 'Update Vulnerabilities list -Indenting mysqltuner -Update Usage information' +#git commit -m 'Update Vulnerabilities list +#Indenting mysqltuner +#Update Usage information' From 3412750798e8d60575e0708d70d4ccd539d5813e Mon Sep 17 00:00:00 2001 From: Jean-Marie RENOUARD Date: Wed, 22 Mar 2023 16:29:53 +0100 Subject: [PATCH 15/16] fix: Adding last fix on commit --- .github/workflows/update_cve_and_docs.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/update_cve_and_docs.yml b/.github/workflows/update_cve_and_docs.yml index ef40c53..10488df 100644 --- a/.github/workflows/update_cve_and_docs.yml +++ b/.github/workflows/update_cve_and_docs.yml @@ -38,8 +38,8 @@ jobs: - name: Commit CVE result to repo run: | pwd - git config --global user.name "Jean-Marie Renouard" - git config --global user.email "jmrenouard@gmail.com" - git add . - git commit -m "Updates CVE and docs (via Actions) - $(date +'%Y-%m-%d')" - git push \ No newline at end of file + sudo git config --global user.name "Jean-Marie Renouard" + sudo git config --global user.email "jmrenouard@gmail.com" + sudo git add ./vulnerabilities.csv ./mysqltuner.pl ./USAGE.md + sudo git commit -m "Updates CVE and docs (via Actions) - $(date +'%Y-%m-%d')" + sudo git push \ No newline at end of file From 7fad4236ba78ec27e72cdb4b48844d27bd8f81bc Mon Sep 17 00:00:00 2001 From: Jean-Marie RENOUARD Date: Wed, 22 Mar 2023 16:34:10 +0100 Subject: [PATCH 16/16] Updates CVS and docs --- mysqltuner.pl | 10 +++++----- vulnerabilities.csv | 3 ++- 2 files changed, 7 insertions(+), 6 deletions(-) mode change 100644 => 100755 vulnerabilities.csv diff --git a/mysqltuner.pl b/mysqltuner.pl index 5453e37..a9f1741 100644 --- a/mysqltuner.pl +++ b/mysqltuner.pl @@ -212,7 +212,7 @@ if ( $opt{verbose} ) { $opt{nocolor} = 1 if defined( $opt{outputfile} ); $opt{tbstat} = 0 if ( $opt{notbstat} == 1 ); # Don't print table information $opt{colstat} = 0 if ( $opt{nocolstat} == 1 ); # Don't print column information -$opt{dbstat} = 0 if ( $opt{nodbstat} == 1 ); # Don't print database information +$opt{dbstat} = 0 if ( $opt{nodbstat} == 1 ); # Don't print database information $opt{noprocess} = 0 if ( $opt{noprocess} == 1 ); # Don't print process information $opt{sysstat} = 0 if ( $opt{nosysstat} == 1 ); # Don't print sysstat information @@ -1309,8 +1309,8 @@ sub get_all_vars { my @lineitems = (); foreach my $line (@mysqlslaves) { debugprint "L: $line "; - @lineitems = split /\s+/, $line; - $myslaves{ $lineitems[0] } = $line; + @lineitems = split /\s+/, $line; + $myslaves{ $lineitems[0] } = $line; $result{'Replication'}{'Slaves'}{ $lineitems[0] } = $lineitems[4]; } } @@ -1461,7 +1461,7 @@ sub log_file_recommendations { $numLi++; debugprint "$numLi: $logLi" if $logLi =~ /warning|error/i and $logLi !~ /Logging to/; - $nbErrLog++ if $logLi =~ /error/i and $logLi !~ /Logging to/; + $nbErrLog++ if $logLi =~ /error/i and $logLi !~ /Logging to/; $nbWarnLog++ if $logLi =~ /warning/i; push @lastShutdowns, $logLi if $logLi =~ /Shutdown complete/ and $logLi !~ /Innodb/i; @@ -2225,7 +2225,7 @@ sub get_replication_status { "This replication slave is not running but seems to be configured."; } if ( defined($io_running) - && $io_running =~ /yes/i + && $io_running =~ /yes/i && $sql_running =~ /yes/i ) { if ( $myvar{'read_only'} eq 'OFF' ) { diff --git a/vulnerabilities.csv b/vulnerabilities.csv old mode 100644 new mode 100755 index af3f14b..7856593 --- a/vulnerabilities.csv +++ b/vulnerabilities.csv @@ -1713,7 +1713,8 @@ 8.0.30;8;0;30;CVE-2022-39408;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.30 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20221028-0013/ | FEDORA:FEDORA-2023-d332f0b6a3 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EG3VBUHKCUXVWBSCD2FHCWIAMZO4X3PR/ | FEDORA:FEDORA-2023-e449235964 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NGZ4B5IQJEZQFSXGCZKSJ6GO3HLQ6URQ/ | MISC:https://www.oracle.com/security-alerts/cpuoct2022.html | URL:https://www.oracle.com/security-alerts/cpuoct2022.html";Assigned (20220902);"None (candidate not yet proposed)";"" 8.0.30;8;0;30;CVE-2022-39410;Candidate;"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.30 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:https://security.netapp.com/advisory/ntap-20221028-0013/ | FEDORA:FEDORA-2023-d332f0b6a3 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EG3VBUHKCUXVWBSCD2FHCWIAMZO4X3PR/ | FEDORA:FEDORA-2023-e449235964 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NGZ4B5IQJEZQFSXGCZKSJ6GO3HLQ6URQ/ | MISC:https://www.oracle.com/security-alerts/cpuoct2022.html | URL:https://www.oracle.com/security-alerts/cpuoct2022.html";Assigned (20220902);"None (candidate not yet proposed)";"" 1.3.0;1;3;0;CVE-2022-40955;Candidate;"In versions of Apache InLong prior to 1.3.0; an attacker with sufficient privileges to specify MySQL JDBC connection URL parameters and to write arbitrary data to the MySQL database; could cause this data to be deserialized by Apache InLong; potentially leading to Remote Code Execution on the Apache InLong server. Users are advised to upgrade to Apache InLong 1.3.0 or newer.";"MISC:[oss-security] 20220922 CVE-2022-40955: Deserialization attack in Apache InLong prior to version 1.3.0 allows RCE via JDBC | URL:http://www.openwall.com/lists/oss-security/2022/09/22/5 | MISC:https://lists.apache.org/thread/r1r34y7bchrpmp9jhfdoohzdmk7pj1q1 | URL:https://lists.apache.org/thread/r1r34y7bchrpmp9jhfdoohzdmk7pj1q1";Assigned (20220919);"None (candidate not yet proposed)";"" -1.3.0;1;3;0;CVE-2022-44644;Candidate;"In Apache Linkis <=1.3.0 when used with the MySQL Connector/J; an authenticated attacker could read arbitrary local file by connecting a rogue mysql server; By adding allowLoadLocalInfile to true in the jdbc parameter. Therefore; the parameters in the jdbc url should be blacklisted. Versions of Apache Linkis <= 1.3.0 will be affected. We recommend users upgrade the version of Linkis to version 1.3";"MISC:https://lists.apache.org/thread/hwq9ytq6y1kdh9lz5znptkcrdll9x85h | URL:https://lists.apache.org/thread/hwq9ytq6y1kdh9lz5znptkcrdll9x85h";Assigned (20221103);"None (candidate not yet proposed)";"" +1.3.0;1;3;0;CVE-2022-44644;Candidate;"In Apache Linkis <=1.3.0 when used with the MySQL Connector/J in the data source module; an authenticated attacker could read arbitrary local files by connecting a rogue MySQL server; By adding allowLoadLocalInfile to true in the JDBC parameter. Therefore; the parameters in the JDBC URL should be blacklisted. Versions of Apache Linkis <= 1.3.0 will be affected. We recommend users upgrade the version of Linkis to version 1.3.1";"MISC:https://lists.apache.org/thread/hwq9ytq6y1kdh9lz5znptkcrdll9x85h | URL:https://lists.apache.org/thread/hwq9ytq6y1kdh9lz5znptkcrdll9x85h";Assigned (20221103);"None (candidate not yet proposed)";"" +1.3.1;1;3;1;CVE-2022-44644;Candidate;"In Apache Linkis <=1.3.0 when used with the MySQL Connector/J in the data source module; an authenticated attacker could read arbitrary local files by connecting a rogue MySQL server; By adding allowLoadLocalInfile to true in the JDBC parameter. Therefore; the parameters in the JDBC URL should be blacklisted. Versions of Apache Linkis <= 1.3.0 will be affected. We recommend users upgrade the version of Linkis to version 1.3.1";"MISC:https://lists.apache.org/thread/hwq9ytq6y1kdh9lz5znptkcrdll9x85h | URL:https://lists.apache.org/thread/hwq9ytq6y1kdh9lz5znptkcrdll9x85h";Assigned (20221103);"None (candidate not yet proposed)";"" 3.17.0;3;17;0;CVE-2022-45136;Candidate;"** UNSUPPORTED WHEN ASSIGNED ** Apache Jena SDB 3.17.0 and earlier is vulnerable to a JDBC Deserialisation attack if the attacker is able to control the JDBC URL used or cause the underlying database server to return malicious data. The mySQL JDBC driver in particular is known to be vulnerable to this class of attack. As a result an application using Apache Jena SDB can be subject to RCE when connected to a malicious database server. Apache Jena SDB has been EOL since December 2020 and users should migrate to alternative options e.g. Apache Jena TDB 2.";"MISC:https://lists.apache.org/thread/mc77cdl5stgjtjoldk467gdf756qjt31 | URL:https://lists.apache.org/thread/mc77cdl5stgjtjoldk467gdf756qjt31 | MLIST:[oss-security] 20221114 CVE-2022-45136: JDBC Deserialisation in Apache Jena SDB | URL:http://www.openwall.com/lists/oss-security/2022/11/14/5";Assigned (20221110);"None (candidate not yet proposed)";"" 10.3.33;10;3;33;CVE-2022-47015;Candidate;"MariaDB Server before 10.3.34 thru 10.9.3 is vulnerable to Denial of Service. It is possible for function spider_db_mbase::print_warnings to dereference a null pointer.";"CONFIRM:https://security.netapp.com/advisory/ntap-20230309-0009/ | MISC:https://github.com/MariaDB/server/commit/be0a46b3d52b58956fd0d47d040b9f4514406954 | URL:https://github.com/MariaDB/server/commit/be0a46b3d52b58956fd0d47d040b9f4514406954";Assigned (20221212);"None (candidate not yet proposed)";"" 10.9.2;10;9;2;CVE-2022-47015;Candidate;"MariaDB Server before 10.3.34 thru 10.9.3 is vulnerable to Denial of Service. It is possible for function spider_db_mbase::print_warnings to dereference a null pointer.";"CONFIRM:https://security.netapp.com/advisory/ntap-20230309-0009/ | MISC:https://github.com/MariaDB/server/commit/be0a46b3d52b58956fd0d47d040b9f4514406954 | URL:https://github.com/MariaDB/server/commit/be0a46b3d52b58956fd0d47d040b9f4514406954";Assigned (20221212);"None (candidate not yet proposed)";""