그누보드5 보안패치 5.2.9

페이지 정보

조회 2,971회 작성일 2017-07-04 11:05 URL https://webdraw.kr/notice/484

본문

** 수정내역 ** 

 

게시판에서 특수문자 일부 입력시 캐쉬 파일 생성 오류 수정 

그누보드 AND 검색을 이용한 취약점 수정 (17-455) ( KISA 에서 제보해 주셨습니다. ) 

1:1 문의 페이징 오류 수정 ( 진서기 님이 알려주셨습니다. ) 

cheditor js 업로드 수정 

스마트에디터 2.9.0 버전으로 수정 

게시판 글쓰기시 버튼도 토큰 적용되도록 수정 

코멘트 폼 및 게시판 패스워드 action url에 https 처리 ( 해피정 님이 알려주셨습니다. ) 

kcaptcha https 적용이 안되는 오류 수정 ( 신비 님이 알려주셨습니다. ) 

그누보드 글 수정 XSS 취약점 수정 ( 17-454 ) ( KISA 에서 제보해 주셨습니다. ) 

게시판 본문의 url 자동 링크 소스 수정 

 

https://github.com/gnuboard/gnuboard5/commit/6a41d655def43cade60ab6bfefa47dd5acd6e372 

https://github.com/gnuboard/gnuboard5/commit/ce9517885ba5797c0708f1b7b2f5208095597a61 

https://github.com/gnuboard/gnuboard5/commit/e9afe3fdae7c96d2acf1575da4ad29e07a2aefcb 

https://github.com/gnuboard/gnuboard5/commit/02c29c137ca34e2cc08dbc8b586440f255b9be18 

https://github.com/gnuboard/gnuboard5/commit/31cdf100112b7f5656fd351d415dc79e80c24800 

https://github.com/gnuboard/gnuboard5/commit/bb99c050b6a10c432cb8d8d842e59a33c91b3744 

https://github.com/gnuboard/gnuboard5/commit/7bb40dd8828264f8ddceb2ba0db3da4e9ba2d435 

https://github.com/gnuboard/gnuboard5/commit/5bd16c0e77370238de6d7124c7b91a70884bd38e 

https://github.com/gnuboard/gnuboard5/commit/94f25f73fac224aa5c460306afd203558bde6322 

https://github.com/gnuboard/gnuboard5/commit/2b2d558c874401dd554cd5199933aa668b2e09a2 

https://github.com/gnuboard/gnuboard5/commit/0d19b012299bdba1d04a4906a772103fd12f3e7a 

 

 

0d19b01 5.2.9 버전 변경 

M config.php 

D plugin/editor/smarteditor2/SmartEditor2.html 

2b2d558 게시판 본문의 url 자동 링크 소스 수정 

M lib/common.lib.php 

94f25f7 그누보드 글 수정 XSS 취약점 수정 ( 17-454 ) 

M bbs/write.php 

5bd16c0 kcaptcha https 적용이 안되는 오류 수정 

M plugin/kcaptcha/kcaptcha.lib.php 

7bb40dd 코멘트 폼 및 게시판 패스워드 action url에 https 처리 

M bbs/delete.php 

M bbs/delete_all.php 

M bbs/delete_comment.php 

M bbs/password.php 

M bbs/view_comment.php 

M bbs/write_comment_update.php 

M skin/board/basic/view_comment.skin.php 

M skin/board/gallery/view_comment.skin.php 

M theme/basic/skin/board/basic/view_comment.skin.php 

M theme/basic/skin/board/gallery/view_comment.skin.php 

bb99c05 게시판 글쓰기시 버튼도 토큰 적용되도록 수정 

M js/common.js 

31cdf10 스마트에디터 2.9.0 버전으로 수정 

A plugin/editor/smarteditor2/SmartEditor2.html 

M plugin/editor/smarteditor2/SmartEditor2Skin.html 

A plugin/editor/smarteditor2/SmartEditor2Skin_en_US.html 

A plugin/editor/smarteditor2/SmartEditor2Skin_ja_JP.html 

A plugin/editor/smarteditor2/SmartEditor2Skin_ko_KR.html 

A plugin/editor/smarteditor2/SmartEditor2Skin_zh_CN.html 

A plugin/editor/smarteditor2/SmartEditor2Skin_zh_TW.html 

A plugin/editor/smarteditor2/SmartEditor2noframe.html 

M plugin/editor/smarteditor2/config.js 

A plugin/editor/smarteditor2/css/en_US/smart_editor2.css 

A plugin/editor/smarteditor2/css/en_US/smart_editor2_in.css 

A plugin/editor/smarteditor2/css/en_US/smart_editor2_items.css 

A plugin/editor/smarteditor2/css/en_US/smart_editor2_out.css 

A plugin/editor/smarteditor2/css/ja_JP/smart_editor2.css 

A plugin/editor/smarteditor2/css/ja_JP/smart_editor2_in.css 

A plugin/editor/smarteditor2/css/ja_JP/smart_editor2_items.css 

A plugin/editor/smarteditor2/css/ja_JP/smart_editor2_out.css 

A plugin/editor/smarteditor2/css/ko_KR/smart_editor2.css 

A plugin/editor/smarteditor2/css/ko_KR/smart_editor2_in.css 

A plugin/editor/smarteditor2/css/ko_KR/smart_editor2_items.css 

A plugin/editor/smarteditor2/css/ko_KR/smart_editor2_out.css 

A plugin/editor/smarteditor2/css/zh_CN/smart_editor2.css 

A plugin/editor/smarteditor2/css/zh_CN/smart_editor2_in.css 

A plugin/editor/smarteditor2/css/zh_CN/smart_editor2_items.css 

A plugin/editor/smarteditor2/css/zh_CN/smart_editor2_out.css 

A plugin/editor/smarteditor2/css/zh_TW/smart_editor2.css 

A plugin/editor/smarteditor2/css/zh_TW/smart_editor2_in.css 

A plugin/editor/smarteditor2/css/zh_TW/smart_editor2_items.css 

A plugin/editor/smarteditor2/css/zh_TW/smart_editor2_out.css 

M plugin/editor/smarteditor2/editor.lib.php 

A plugin/editor/smarteditor2/img/bg_spell.gif 

A plugin/editor/smarteditor2/img/bx_set_110302.gif 

A plugin/editor/smarteditor2/img/en_US/btn_set.png 

A plugin/editor/smarteditor2/img/en_US/text_tool_set.png 

M plugin/editor/smarteditor2/img/icon_set.gif 

A plugin/editor/smarteditor2/img/ja_JP/btn_set.png 

A plugin/editor/smarteditor2/img/ja_JP/text_tool_set.png 

M plugin/editor/smarteditor2/img/ko_KR/btn_set.png 

M plugin/editor/smarteditor2/img/ko_KR/text_tool_set.png 

A plugin/editor/smarteditor2/img/zh_CN/btn_set.png 

A plugin/editor/smarteditor2/img/zh_CN/text_tool_set.png 

A plugin/editor/smarteditor2/img/zh_TW/btn_set.png 

A plugin/editor/smarteditor2/img/zh_TW/text_tool_set.png 

D plugin/editor/smarteditor2/js/HuskyEZCreator.js 

D plugin/editor/smarteditor2/js/SE2B_Configuration_General.js 

D plugin/editor/smarteditor2/js/SE2B_Configuration_Service.js 

D plugin/editor/smarteditor2/js/SE2BasicCreator.js 

D plugin/editor/smarteditor2/js/SE2M_Configuration.js 

D plugin/editor/smarteditor2/js/jindo.min.js 

D plugin/editor/smarteditor2/js/jindo_component.js 

M plugin/editor/smarteditor2/js/lib/jindo2.all.js 

M plugin/editor/smarteditor2/js/lib/jindo_component.js 

A plugin/editor/smarteditor2/js/service/HuskyEZCreator.js 

A plugin/editor/smarteditor2/js/service/SE2BasicCreator.js 

A plugin/editor/smarteditor2/js/service/SE2M_Configuration.js 

A plugin/editor/smarteditor2/js/service/hp_SE_OuterIFrameControl.js 

A plugin/editor/smarteditor2/js/service/hp_SE_ToolbarToggler.js 

A plugin/editor/smarteditor2/js/service/husky_SE2B_Lang_en_US.js 

A plugin/editor/smarteditor2/js/service/husky_SE2B_Lang_ja_JP.js 

A plugin/editor/smarteditor2/js/service/husky_SE2B_Lang_ko_KR.js 

A plugin/editor/smarteditor2/js/service/husky_SE2B_Lang_zh_CN.js 

A plugin/editor/smarteditor2/js/service/husky_SE2B_Lang_zh_TW.js 

M plugin/editor/smarteditor2/js/smarteditor2.js 

M plugin/editor/smarteditor2/js/smarteditor2.min.js 

M plugin/editor/smarteditor2/smart_editor2_inputarea.html 

M plugin/editor/smarteditor2/smart_editor2_inputarea_ie8.html 

02c29c1 cheditor js 업로드 수정 

M plugin/editor/cheditor5/cheditor.js 

e9afe3f 1:1 문의 페이징 오류 수정 

M bbs/qalist.php 

ce95178 그누보드 AND 검색을 이용한 취약점 수정 (17-455) 

M bbs/search.php 

6a41d65 게시판에서 특수문자 일부 입력시 캐쉬 파일 생성 오류 수정 

M adm/board_copy_update.php 

M lib/latest.lib.php


MENU