From 9ace6a702b39820f14e8de779a20c6680bd66d8f Mon Sep 17 00:00:00 2001
From: Tim White
Date: Thu, 28 Sep 2023 15:19:52 +1300
Subject: [PATCH 1/4] Make fixVersion optional in the Cue schema to support CVE-2019-0225
---
 tools/pov-project-schema.cue | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/tools/pov-project-schema.cue b/tools/pov-project-schema.cue
index e8df6f6..611702a 100644
--- a/tools/pov-project-schema.cue
+++ b/tools/pov-project-schema.cue
@@ -5,7 +5,8 @@
 artifact: string
 // At least one version must be provided
 vulnerableVersions: [string, ...string]
- fixVersion: string
+ // The earliest version in which the vulnerability is fixed, if said exists
+ fixVersion?: string
 // The JDK version to build and run the PoV tests with
 jdkVersion?: "7" | "8" | "11" | "17"
 testSignalWhenVulnerable: "success" | "failure"
From d94b2140481d9d46e98f9effe091eda0ebb66968 Mon Sep 17 00:00:00 2001
From: Tim White
Date: Thu, 28 Sep 2023 15:21:40 +1300
Subject: [PATCH 2/4] Generated pov-project.json for CVE-2019-0225
---
 CVE-2019-0225/pov-project.json | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
 create mode 100644 CVE-2019-0225/pov-project.json
diff --git a/CVE-2019-0225/pov-project.json b/CVE-2019-0225/pov-project.json
new file mode 100644
index 0000000..608b029
--- /dev/null
+++ b/CVE-2019-0225/pov-project.json
@@ -0,0 +1,20 @@
+{
+ "id": "CVE-2019-0225",
+ "artifact": "org.apache.jspwiki:jspwiki-war",
+ "vulnerableVersions": [
+ "2.10.0",
+ "2.10.1",
+ "2.10.2",
+ "2.10.3",
+ "2.10.4",
+ "2.10.5",
+ "2.11.0.M1",
+ "2.11.0.M2"
+ ],
+ "fixVersion": null,
+ "testSignalWhenVulnerable": "failure",
+ "references": [
+ "https://nvd.nist.gov/vuln/detail/CVE-2019-0225",
+ "https://github.com/advisories/GHSA-pffw-p2q5-w6vh"
+ ]
+}
From 5b0dd228b2d873089690af90c3a6e06dac8d237d Mon Sep 17 00:00:00 2001
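Review bot: The comment added above `fixVersion?` in tools/pov-project-schema.cue does not say what an omitted field means, and "if said exists" reads awkwardly. A consumer of pov-project.json cannot tell "no released version is fixed" from "the field was left out by mistake", and that difference decides whether it reports every version as affected or the fix status as unknown. I would word it as `// Earliest version in which the vulnerability is fixed; omit only when no released version passes the PoV tests`. `fixVersion?: string` also still rejects an explicit `null`, so a generator has to drop the key rather than emit `null`; a second comment line saying so would help. The enclosing definition starts and ends outside the hunk.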
From: Tim White
Date: Thu, 28 Sep 2023 15:22:38 +1300
Subject: [PATCH 3/4] Remove fixVersion since no existing version passes tests (see README)
---
 CVE-2019-0225/pov-project.json | 1 -
 1 file changed, 1 deletion(-)
diff --git a/CVE-2019-0225/pov-project.json b/CVE-2019-0225/pov-project.json
index 608b029..f9ded43 100644
--- a/CVE-2019-0225/pov-project.json
+++ b/CVE-2019-0225/pov-project.json
@@ -11,7 +11,6 @@
 "2.11.0.M1",
 "2.11.0.M2"
 ],
- "fixVersion": null,
 "testSignalWhenVulnerable": "failure",
 "references": [
 "https://nvd.nist.gov/vuln/detail/CVE-2019-0225",
From f82a24439a828ff29e431ac123539b196c10c2a5 Mon Sep 17 00:00:00 2001
From: Tim White
Date: Thu, 28 Sep 2023 15:23:08 +1300
Subject: [PATCH 4/4] Remove last mvn_clean_test.exitstatus
---
 CVE-2019-0225/mvn_clean_test.exitstatus | 1 -
 1 file changed, 1 deletion(-)
 delete mode 100644 CVE-2019-0225/mvn_clean_test.exitstatus
diff --git a/CVE-2019-0225/mvn_clean_test.exitstatus b/CVE-2019-0225/mvn_clean_test.exitstatus
deleted file mode 100644
index d00491f..0000000
--- a/CVE-2019-0225/mvn_clean_test.exitstatus
+++ /dev/null
@@ -1 +0,0 @@
-1