From 0f44d32147cafb8be4d7b71941add63e4fa587a0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?R=C3=A9gis=20Behmo?= <regis@behmo.com>
Date: Wed, 9 Dec 2020 13:33:31 +0100
Subject: [PATCH] Apply upstream security patch

---
 CHANGELOG.md                             | 2 ++
 tutor/templates/build/openedx/Dockerfile | 4 +++-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index fa11a7f..e5e04e0 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,8 @@ Note: Breaking changes between versions are indicated by "💥".
 
 ## Unreleased
 
+- [Security] Apply upstream edx-platform [security patch](https://github.com/edx/edx-platform/pull/25782)
+
 ## v10.5.2 (2020-12-07)
 
 - [Improvement] Increase the timeout of the gunicorn worker command in openedx Dockerfile
diff --git a/tutor/templates/build/openedx/Dockerfile b/tutor/templates/build/openedx/Dockerfile
index fc8e0b4..2cf8ed6 100644
--- a/tutor/templates/build/openedx/Dockerfile
+++ b/tutor/templates/build/openedx/Dockerfile
@@ -54,7 +54,9 @@ RUN curl https://github.com/edx/edx-platform/commit/80fa2cae128e2a1fd8ab298351b7
 # https://github.com/edx/edx-platform/pull/25182
 # https://github.com/overhangio/edx-platform/tree/overhangio/disable-learner-records-from-settings
 RUN curl https://github.com/overhangio/edx-platform/commit/58f20a0547355080eeee346104a1719ad806902e.patch | git apply -
-
+# Fix security issues
+# https://github.com/edx/edx-platform/pull/25782/commits
+RUN curl https://github.com/edx/edx-platform/commit/c03857b78d6204ed3b9a3093367348ebfaaf7d04.patch | git apply -
 
 ###### Download extra locales to /openedx/locale/contrib/locale
 FROM minimal as locales