[그누•영카트] 그누보드 5.1.4 패치 (2015.10.26)

페이지 정보

yadolee 루루아빠 2,548 2015.11.09 11:02:52

짧은주소

  • https://yadolee.com/tip/329 주소복사

평점

  • 평점 : 0점 (0명 참여)

본문

** 수정내역 ** 

게시글 본문 내 object 태그를 이용한 XSS 취약점을 수정했습니다. (한국인터넷진흥원 박종원님이 알려주셨습니다.) 

https://github.com/gnuboard/gnuboard5/commit/0535b6d26abb94ca37327257d11651ade870362b 
https://github.com/gnuboard/gnuboard5/commit/353a0d9409fab03cfcdd0bb85f93edde5bb9dfb0 
https://github.com/gnuboard/gnuboard5/commit/9bf15fdf329cfb45bbca46a52482447c965e93b3 
https://github.com/gnuboard/gnuboard5/commit/eb154efa2411dd63757a352fb6d49447361aa5f7 
https://github.com/gnuboard/gnuboard5/commit/36ef8e6447b1b4366e859c8c8615e468822b8db8 


db1d1d2 5.1.4 버전변경 
M      config.php 
6a2cbbe 누락된 닫음태그 추가 
M      plugin/sns/view.sns.skin.php 
7d132fd post 값 필터링 코드 위치 변경 
M      bbs/register_form_update.php 
0b66b11 htmlpurifier 4.7 버전 적용 
M      plugin/htmlpurifier/HTMLPurifier.standalone.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/Builder/ConfigSchema.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/Builder/Xml.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/Exception.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/Interchange.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/Interchange/Directive.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/Interchange/Id.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/InterchangeBuilder.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/Validator.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/ValidatorAtom.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema.ser 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.AllowedClasses.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.AllowedFrameTargets.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.AllowedRel.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.AllowedRev.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.ClassUseCDATA.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.DefaultImageAlt.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.DefaultInvalidImage.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.DefaultInvalidImageAlt. 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.DefaultTextDir.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.EnableID.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.ForbiddenClasses.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.IDBlacklist.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.IDBlacklistRegexp.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.IDPrefix.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.IDPrefixLocal.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.AutoParagraph.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.Custom.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.DisplayLinkURI.tx 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.Linkify.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.PurifierLinkify.D 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.PurifierLinkify.t 
A      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.Predi 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.Remov 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.Remov 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveSpansWithou 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/CSS.AllowImportant.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/CSS.AllowTricky.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/CSS.AllowedFonts.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/CSS.AllowedProperties.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/CSS.DefinitionRev.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/CSS.ForbiddenProperties.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/CSS.MaxImgLength.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/CSS.Proprietary.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/CSS.Trusted.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Cache.DefinitionImpl.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Cache.SerializerPath.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Cache.SerializerPermissions. 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.AggressivelyFixLt.txt 
A      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.AllowHostnameUnderscore 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.CollectErrors.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.ColorKeywords.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.ConvertDocumentToFragme 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.DirectLexLineNumberSync 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.DisableExcludes.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.EnableIDNA.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.Encoding.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.EscapeInvalidChildren.t 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.EscapeInvalidTags.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.EscapeNonASCIICharacter 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.HiddenElements.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.Language.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.LexerImpl.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.MaintainLineNumbers.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.NormalizeNewlines.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.RemoveInvalidImg.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.RemoveProcessingInstruc 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.RemoveScriptContents.tx 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Filter.Custom.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.Es 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.Sc 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.Ti 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.tx 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Filter.YouTube.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.Allowed.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.AllowedAttributes.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.AllowedComments.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.AllowedCommentsRegexp.t 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.AllowedElements.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.AllowedModules.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.Attr.Name.UseCDATA.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.BlockWrapper.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.CoreModules.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.CustomDoctype.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.DefinitionID.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.DefinitionRev.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.Doctype.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.FlashAllowFullScreen.tx 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenAttributes.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenElements.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.MaxImgLength.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.Nofollow.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.Parent.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.Proprietary.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.SafeEmbed.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.SafeIframe.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.SafeObject.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.SafeScripting.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.Strict.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.TargetBlank.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.TidyAdd.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.TidyLevel.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.TidyRemove.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.Trusted.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.XHTML.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Output.CommentScriptContents 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Output.FixInnerHTML.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Output.FlashCompat.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Output.Newline.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Output.SortAttr.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Output.TidyFormat.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Test.ForceNoIconv.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.AllowedSchemes.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.Base.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.DefaultScheme.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.DefinitionID.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.DefinitionRev.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.Disable.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.DisableExternal.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.DisableExternalResources 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.DisableResources.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.Host.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.HostBlacklist.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.MakeAbsolute.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.Munge.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.MungeResources.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.MungeSecretKey.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.OverrideAllowedSchemes.t 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.SafeIframeRegexp.txt 
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/info.ini 
M      plugin/htmlpurifier/standalone/HTMLPurifier/Filter/ExtractStyleBlocks.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/Filter/YouTube.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/Language/classes/en-x-test.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/Language/messages/en-x-test.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/Language/messages/en-x-testmini.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/Language/messages/en.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/Lexer/PH5P.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/Printer.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/Printer/CSSDefinition.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/Printer/ConfigForm.css 
M      plugin/htmlpurifier/standalone/HTMLPurifier/Printer/ConfigForm.js 
M      plugin/htmlpurifier/standalone/HTMLPurifier/Printer/ConfigForm.php 
M      plugin/htmlpurifier/standalone/HTMLPurifier/Printer/HTMLDefinition.php 
8566183 XSS취약점관련 object 태그 허용설정 변경 
M      lib/common.lib.php
0
추천인
  • 추천해 주세요
yadolee
6
루루아빠 - 회원등급 : 최고관리자 - 포인트 : 1,328,414
레벨 99
경험치 1,478,262

Progress Bar 77.32%

- 가입일 : 2015-03-04 03:24:54
- 서명 : KNOW YOUR LIMITS BUT NEVER STOP TRYING TO EXCEED THEM !!
- 자기소개 : 루루의 자랑 루루아빠랍니다~~

댓글

첫 번째 댓글을 남겨 주세요

Total 7592538 페이지
 태그
제목 글쓴이 날짜 조회 추천
이윰  🏆 🎞️ Eyoom Builder 1.1.16 패치 루루아빠 2015.11.19 3,266 0
이윰  🏆 🎞️ 그누보드 5.17, 영카트 5.16 대응 테마 패치 루루아빠 2015.11.18 3,008 0
이윰  🏆 🎞️ Input 관련 버튼과 이윰 버튼 정렬 맞추기 루루아빠 2015.11.17 2,685 0
그누•영카트  🏆 🎞️ 영카트 5.1.6 패치 루루아빠 2015.11.17 2,580 0
그누•영카트  🏆 🎞️ 그누보드 5.1.7 패치 루루아빠 2015.11.17 2,554 0
이윰  🏆 🎞️ 검색시 본문 내용 나오지 않게 하기 루루아빠 2015.11.15 2,720 0
그누•영카트  댓글+1🏆 영카트 5.1.5 패치 루루아빠 2015.11.09 2,676 0
그누•영카트  🏆 영카트 5.1.4 (2015.11.02) 루루아빠 2015.11.09 2,709 0
그누•영카트  🏆 영카트 5.1.3 패치 (2015.10.26) 루루아빠 2015.11.09 2,527 0
그누•영카트  댓글+1🏆 그누보드 5.1.6 패치 루루아빠 2015.11.09 2,939 0
그누•영카트  🏆 그누보드 5.1.5 패치 (2015.11.02) 루루아빠 2015.11.09 2,674 0
그누•영카트  🏆 🚩 그누보드 5.1.4 패치 (2015.10.26) 루루아빠 2015.11.09 2,549 0
이윰  🏆 Eyoom Builder 1.1.15 패치 루루아빠 2015.11.09 3,357 0
그누•영카트  🏆 게시판을 디바이스에 따라 보여주기 안보여주기 루루아빠 2015.11.04 2,535 0
HTML5  🏆 HTML5 동영상 혹은 오디오 마우스 우측 버튼 다운로드 금지시키기 루루아빠 2015.10.31 3,360 0
JavaScript  🏆 마우스 오른쪽 버튼 사용시 경고 메세지 띄우기 루루아빠 2015.10.31 2,856 0
이윰  🏆 Eyoom Builder 1.1.14 패치 루루아빠 2015.10.30 3,401 0
그누•영카트  🏆 구글 웹폰트를 적용해보자 루루아빠 2015.10.27 2,724 0
이윰  🏆 Eyoom Builder 1.1.13 패치 루루아빠 2015.10.26 2,816 0
이윰  🏆 Q&A 게시판 최신글추출시 '비밀글입니다.' 를 원글 제목으로 변경하기 루루아빠 2015.10.20 2,785 0
 태그
다음 페이지
이전 페이지

🏆 게시글 랭킹 탑10

랭킹 글내용 조회
1
특정 div의 내용을 일정 시간마다 새로고침하기
루루아빠 2016-03-20 06:24 		15,339
2
영카트 5.3.2.9
shadow2fox 2019-05-30 00:39 		11,879
3
button으로 유튜브 재생 및 정지 제어하기 댓글 +1
루루아빠 2017-02-21 19:12 		10,019
4
jQuery를 이용한 링크 자동 클릭(auto click) 댓글 +2
루루아빠 2015-06-27 02:19 		8,634
5
CKeditor 4.x 소스 보기시 자동으로 공백 태그( ) 추가되는 문제 해결하기 댓글 +1
루루아빠 2016-05-20 21:53 		7,690
6
[PHP 7.2.x] count(): Parameter must be an array or an object that implements Countable 에러 해결하기 댓글 +1
shadow2fox 2020-03-09 14:37 		6,883
7
그누보드 5.4.4 댓글 +2
shadow2fox 2021-01-05 10:58 		6,811
8
modal 오픈시 modal-dialog 아래 background body 스크롤 안되게 하기
루루아빠 2015-07-16 00:05 		6,810
9
이윰빌더와 그누보드 패치시 수정할 파일들
루루아빠 2015-06-23 19:13 		6,502
10
영카트 5.0.41 패치
루루아빠 2015-07-13 14:53 		6,477