From 0435483e14f2b37afcd21f6bdea1c569ceb87fac Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=C3=A9gis=20Behmo?= Date: Mon, 11 Jan 2021 14:19:50 +0100 Subject: [PATCH] Apply security patch #26029 See: https://discuss.openedx.org/t/security-im-patch-for-xss-fixes-4/3997 --- CHANGELOG.md | 4 ++++ tutor/templates/build/openedx/Dockerfile | 1 + 2 files changed, 5 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 2546916..e37fc8a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,10 @@ Note: Breaking changes between versions are indicated by "💥". +## Unreleased + +- [Security] Apply security patch [26029](https://github.com/edx/edx-platform/pull/26029) + ## v11.0.6 (2021-01-05) - [Security] Apply security patch [25974](https://github.com/edx/edx-platform/pull/25974) diff --git a/tutor/templates/build/openedx/Dockerfile b/tutor/templates/build/openedx/Dockerfile index a793a29..a0433e7 100644 --- a/tutor/templates/build/openedx/Dockerfile +++ b/tutor/templates/build/openedx/Dockerfile @@ -39,6 +39,7 @@ WORKDIR /openedx/edx-platform # Apply security fixes RUN curl https://github.com/edx/edx-platform/commit/fab755d80083575d3466b990cfcef3b9fd97e755.patch | git apply - RUN curl https://github.com/edx/edx-platform/commit/4abb0f85df3f01b791953bb021b754a210b9a99f.patch | git apply - +RUN curl https://github.com/edx/edx-platform/commit/835c5082a336a4b003fc36be4b4745a641d097d7.patch | git apply - # Make it possible to disable learner records globally # https://github.com/edx/edx-platform/pull/25182 # https://github.com/overhangio/edx-platform/tree/overhangio/disable-learner-records-from-settings