From ed66ccdcf41c84f0ad337dbd744f1d72c0eb8a27 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=C3=A9gis=20Behmo?= Date: Sun, 31 Jan 2021 10:57:53 +0100 Subject: [PATCH] Apply security patch #26029 See: https://discuss.openedx.org/t/security-im-patch-for-xss-fixes-6/4162 --- CHANGELOG.md | 2 ++ tutor/templates/build/openedx/Dockerfile | 1 + 2 files changed, 3 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index d7b8cd7..5c2c0c5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,8 @@ Note: Breaking changes between versions are indicated by "💥". ## Unreleased +- [Security] Apply security patch [26253](https://github.com/edx/edx-platform/pull/26253). + ## v11.1.2 (2021-01-29) - [Bugfix] Fix django setting value and static asset loading in openedx-dev image diff --git a/tutor/templates/build/openedx/Dockerfile b/tutor/templates/build/openedx/Dockerfile index 8015b3f..224b085 100644 --- a/tutor/templates/build/openedx/Dockerfile +++ b/tutor/templates/build/openedx/Dockerfile @@ -41,6 +41,7 @@ RUN curl https://github.com/edx/edx-platform/commit/fab755d80083575d3466b990cfce RUN curl https://github.com/edx/edx-platform/commit/4abb0f85df3f01b791953bb021b754a210b9a99f.patch | git apply - RUN curl https://github.com/edx/edx-platform/commit/835c5082a336a4b003fc36be4b4745a641d097d7.patch | git apply - RUN curl https://github.com/edx/edx-platform/commit/a8e7b984482ec237161bb3fe517c4b34753cbd2e.patch | git apply - +RUN curl https://github.com/edx/edx-platform/commit/5afe578528d002debca9a5074bd1ae56703264ce.patch | git apply - # Make it possible to disable learner records globally # https://github.com/edx/edx-platform/pull/25182 # https://github.com/overhangio/edx-platform/tree/overhangio/disable-learner-records-from-settings