From c33bd7c892c4390fbe42bb0058f13dae4db33c24 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?R=C3=A9gis=20Behmo?=
Date: Thu, 12 Aug 2021 16:47:12 +0200
Subject: [PATCH] Apply security patch #28442
See: https://discuss.openedx.org/t/security-patch-for-xxe-vulnerability-in-course-import/5575
---
 CHANGELOG.md | 2 ++
 tutor/templates/build/openedx/Dockerfile | 3 ++-
 2 files changed, 4 insertions(+), 1 deletion(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index b62d0a4..1f75583 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,8 @@ Note: Breaking changes between versions are indicated by "💥".
 ## Unreleased
+- [Security] Apply security patch [28442](https://github.com/edx/edx-platform/pull/28442).
+
 ## v12.0.3 (2021-08-10)
 - [Improvement] Upgrade all services to open-release/lilac.2.
diff --git a/tutor/templates/build/openedx/Dockerfile b/tutor/templates/build/openedx/Dockerfile
index 76366a8..a06aa9a 100644
--- a/tutor/templates/build/openedx/Dockerfile
+++ b/tutor/templates/build/openedx/Dockerfile
@@ -40,7 +40,8 @@ WORKDIR /openedx/edx-platform
 {{ patch("openedx-dockerfile-git-patches-default") }}
 {% else %}
 # Patch edx-platform
-# RUN curl https://github.com/overhangio/edx-platform/commit/.patch | git apply -
+# RUN curl --silent https://github.com/overhangio/edx-platform/commit/.patch | git apply -
+RUN curl --silent https://github.com/overhangio/edx-platform/commit/8ecc1903ca9170a719c0e63e99fb231822eb26d8.patch | git apply -
 {% endif %}
 ###### Download extra locales to /openedx/locale/contrib/locale
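Review bot: The added `RUN curl --silent … | git apply -` line hides download failures, because `--silent` suppresses curl's error output, there is no `--fail`, and the pipeline's exit status comes from `git apply` alone. An HTTP error or truncated response is therefore only caught if `git apply` happens to reject what it receives. For a security fix the download step should fail loudly by itself: `RUN curl --silent --show-error --fail --location https://github.com/overhangio/edx-platform/commit/8ecc1903ca9170a719c0e63e99fb231822eb26d8.patch | git apply -`. The line also sits in the `{% else %}` branch, so a build that supplies its own `openedx-dockerfile-git-patches-default` patch presumably skips the XXE fix; the opening `{% if %}` is outside the hunk, so this should be confirmed and noted in the changelog entry. Pinning the full commit SHA is good, but the fetched bytes are not checked against a known digest, so integrity rests on TLS and the hosting forge.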