영카트5 보안패치 5.2.9.7

페이지 정보

조회 2,201회 작성일 2017-12-07 12:39 URL https://webdraw.kr/notice/502

본문

그누보드 XSS 취약점 (17-876, 17-879) 수정 

그누보드4 import 코드 수정 

php 7.2 버전에서 오류 나는 코드 수정 

htmlpurifier 4.9.3 버전의 변경 

가비아 호스팅에서 설치시 에러 문제 수정 

php 잘못된 숏태그 수정 

그누보드4 가져오기 코드에 게시판 모바일 설정 추가 적용 

최신글 캐시 파일 삭제 취약점 수정 

php 7.2 에서 오류나는 부분 수정 

영카트CSS 취약점(17-880) 수정 

스팸글댓글 유입을 줄이려고 링크에 nofollow 추가함 

5.2.9.7 버전변경 





https://github.com/gnuboard/youngcart5/commit/a12c97cf5ff6fc39f1ab3ec25872a05a02d767d3 

https://github.com/gnuboard/youngcart5/commit/c748da6e7e55cdb80c86b92b1fef12e8b5ce916b 

https://github.com/gnuboard/youngcart5/commit/a9c4fcc6156b392efc3834d9391d6eb3e7927959 

https://github.com/gnuboard/youngcart5/commit/d1d037f12a455523b9f15153025f4a3355903c2b 

https://github.com/gnuboard/youngcart5/commit/c2f89022d982a27bb7869f3524d9a3525084a59e 

https://github.com/gnuboard/youngcart5/commit/65eefaf28dfbf56b34b7ed39c97da92728f5f7db 

https://github.com/gnuboard/youngcart5/commit/3f37a089d7c92d916a686271d92b9282f01dd1bd 

https://github.com/gnuboard/youngcart5/commit/6c91802d9369068cfd5ffeca1465ce1031db672c 

https://github.com/gnuboard/youngcart5/commit/5d723627c4869c25e835f76d2b70ae81b8885309 

https://github.com/gnuboard/youngcart5/commit/1afe8fef794bf211686196c9ec0dff8641d296fc 

https://github.com/gnuboard/youngcart5/commit/d31e53aa9407c69b7a1876d033702ae4f705596d 

https://github.com/gnuboard/youngcart5/commit/4bfe28e8bb661e068bb5c354a502941c9b8ce748 





4bfe28e 5.2.9.7 버전변경 

M      config.php 

d31e53a 스팸글댓글 유입을 줄이려고 링크에 nofollow 추가함 

M      lib/common.lib.php 

A      plugin/htmlpurifier/extend.video.php 

1afe8fe 영카트CSS 취약점(17-880) 수정 

M      adm/shop_admin/coupontarget.php 

5d72362 php 7.2 에서 오류나는 부분 수정 

M      adm/shop_admin/itemformupdate.php 

6c91802 최신글 캐시 파일 삭제 취약점 수정 

M      lib/common.lib.php 

3f37a08 그누보드4 가져오기 코드에 게시판 모바일 설정 추가 적용 

M      g4_import_run.php 

65eefaf php 잘못된 숏태그 수정 

M      adm/mail_select_list.php 

M      adm/visit_search.php 

c2f8902 가비아 호스팅에서 설치시 에러 문제 수정 

M      common.php 

d1d037f htmlpurifier 4.9.3 버전의 변경 

M      plugin/htmlpurifier/HTMLPurifier.standalone.php 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/Builder/ConfigSchema.php 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/Builder/Xml.php 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/Exception.php 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/Interchange.php 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/Interchange/Directive.php 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/Interchange/Id.php 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/InterchangeBuilder.php 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/Validator.php 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/ValidatorAtom.php 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema.ser 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.AllowedClasses.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.AllowedFrameTargets.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.AllowedRel.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.AllowedRev.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.ClassUseCDATA.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.DefaultImageAlt.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.DefaultInvalidImage.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.DefaultInvalidImageAlt.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.DefaultTextDir.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.EnableID.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.ForbiddenClasses.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.ID.HTML5.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.IDBlacklist.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.IDBlacklistRegexp.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.IDPrefix.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.IDPrefixLocal.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.AutoParagraph.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.Custom.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.DisplayLinkURI.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.Linkify.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.PurifierLinkify.DocURL.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.PurifierLinkify.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.Predicate.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.RemoveNbsp.Exceptions.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.RemoveNbsp.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveSpansWithoutAttributes.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/CSS.AllowDuplicates.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/CSS.AllowImportant.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/CSS.AllowTricky.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/CSS.AllowedFonts.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/CSS.AllowedProperties.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/CSS.DefinitionRev.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/CSS.ForbiddenProperties.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/CSS.MaxImgLength.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/CSS.Proprietary.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/CSS.Trusted.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Cache.DefinitionImpl.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Cache.SerializerPath.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Cache.SerializerPermissions.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.AggressivelyFixLt.txt 

A      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.AggressivelyRemoveScript.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.AllowHostnameUnderscore.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.CollectErrors.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.ColorKeywords.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.ConvertDocumentToFragment.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.DirectLexLineNumberSyncInterval.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.DisableExcludes.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.EnableIDNA.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.Encoding.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.EscapeInvalidChildren.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.EscapeInvalidTags.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.EscapeNonASCIICharacters.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.HiddenElements.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.Language.txt 

A      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.LegacyEntityDecoder.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.LexerImpl.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.MaintainLineNumbers.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.NormalizeNewlines.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.RemoveInvalidImg.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.RemoveProcessingInstructions.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.RemoveScriptContents.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Filter.Custom.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.Escaping.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.Scope.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.TidyImpl.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Filter.YouTube.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.Allowed.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.AllowedAttributes.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.AllowedComments.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.AllowedCommentsRegexp.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.AllowedElements.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.AllowedModules.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.Attr.Name.UseCDATA.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.BlockWrapper.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.CoreModules.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.CustomDoctype.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.DefinitionID.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.DefinitionRev.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.Doctype.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.FlashAllowFullScreen.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenAttributes.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenElements.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.MaxImgLength.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.Nofollow.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.Parent.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.Proprietary.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.SafeEmbed.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.SafeIframe.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.SafeObject.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.SafeScripting.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.Strict.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.TargetBlank.txt 

A      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.TargetNoopener.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.TargetNoreferrer.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.TidyAdd.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.TidyLevel.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.TidyRemove.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.Trusted.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.XHTML.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Output.CommentScriptContents.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Output.FixInnerHTML.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Output.FlashCompat.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Output.Newline.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Output.SortAttr.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Output.TidyFormat.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Test.ForceNoIconv.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.AllowedSchemes.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.Base.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.DefaultScheme.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.DefinitionID.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.DefinitionRev.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.Disable.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.DisableExternal.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.DisableExternalResources.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.DisableResources.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.Host.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.HostBlacklist.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.MakeAbsolute.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.Munge.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.MungeResources.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.MungeSecretKey.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.OverrideAllowedSchemes.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.SafeIframeRegexp.txt 

M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/info.ini 

M      plugin/htmlpurifier/standalone/HTMLPurifier/Filter/ExtractStyleBlocks.php 

M      plugin/htmlpurifier/standalone/HTMLPurifier/Filter/YouTube.php 

M      plugin/htmlpurifier/standalone/HTMLPurifier/Language/classes/en-x-test.php 

M      plugin/htmlpurifier/standalone/HTMLPurifier/Language/messages/en-x-test.php 

M      plugin/htmlpurifier/standalone/HTMLPurifier/Language/messages/en-x-testmini.php 

M      plugin/htmlpurifier/standalone/HTMLPurifier/Language/messages/en.php 

M      plugin/htmlpurifier/standalone/HTMLPurifier/Lexer/PH5P.php 

M      plugin/htmlpurifier/standalone/HTMLPurifier/Printer.php 

M      plugin/htmlpurifier/standalone/HTMLPurifier/Printer/CSSDefinition.php 

M      plugin/htmlpurifier/standalone/HTMLPurifier/Printer/ConfigForm.css 

M      plugin/htmlpurifier/standalone/HTMLPurifier/Printer/ConfigForm.js 

M      plugin/htmlpurifier/standalone/HTMLPurifier/Printer/ConfigForm.php 

M      plugin/htmlpurifier/standalone/HTMLPurifier/Printer/HTMLDefinition.php 

a9c4fcc php 7.2 버전에서 오류 나는 코드 수정 

M      adm/admin.lib.php 

M      bbs/group.php 

M      common.php 

M      mobile/skin/popular/basic/popular.skin.php 

M      skin/popular/basic/popular.skin.php 

M      theme/basic/group.php 

M      theme/basic/mobile/skin/popular/basic/popular.skin.php 

M      theme/basic/skin/popular/basic/popular.skin.php 

c748da6 그누보드4 import 코드 수정 

M      g4_import_run.php 

a12c97c 그누보드 XSS 취약점 (17-876, 17-879) 수정 

M      adm/sendmail_test.php 

M      plugin/editor/smarteditor2/photo_uploader/popup/index.html 

D      plugin/editor/smarteditor2/photo_uploader/popup/js/jquery-1.8.3.min.js 

D      plugin/editor/smarteditor2/photo_uploader/popup/js/jquery-ui.min.js


MENU