Add patch to fix webserver ACLs.

parent a9ac0d14
movim (0.14.1-5) unstable; urgency=medium
* Team upload.
[ Thorsten Glaser ]
* Add patch to fix emojis being replaced by the wrong images.
-- Thorsten Glaser <tg@mirbsd.de> Wed, 08 May 2019 20:59:42 +0200
[ Dominik George ]
* Add patch to add correct ACLs to webserver configs. (Closes: #928209)
-- Dominik George <natureshadow@debian.org> Wed, 08 May 2019 22:38:32 +0200
movim (0.14.1-4) unstable; urgency=medium
......
Subject: Fix ACLs in webserver configs.
From: Dominik George <natureshadow@debian.org>
Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=928209
--- a/etc/apache2/conf-available/movim.conf
+++ b/etc/apache2/conf-available/movim.conf
@@ -7,8 +7,19 @@ Alias /movim/ /usr/share/movim/
AllowOverride FileInfo Options
</Directory>
-<Directory /var/lib/movim/cache/>
+<Directory /var/cache/movim>
Options -Indexes
+
+ <FilesMatch "\.jpg$">
+ Require all granted
+ </FilesMatch>
+ <FilesMatch ".$">
+ Require all denied
+ </FilesMatch>
+</Directory>
+
+<Directory /var/log/movim>
+ Require all denied
</Directory>
<Location /movim/>
--- a/etc/nginx/conf.d/movim.conf
+++ b/etc/nginx/conf.d/movim.conf
@@ -17,6 +17,10 @@ location /movim/ {
}
location /movim/cache/ {
- deny all;
+ location ~ \.jpg$ {
+ }
+ location ~ . {
+ deny all;
+ }
}
}
......@@ -6,3 +6,4 @@ fix_924429.diff
fix_924431.diff
fix_924432.diff
issue-835.diff
fix_928209.diff
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment