diff options
Diffstat (limited to 'meta-openembedded/meta-oe/recipes-connectivity/zabbix/zabbix/CVE-2020-15803.patch')
-rw-r--r-- | meta-openembedded/meta-oe/recipes-connectivity/zabbix/zabbix/CVE-2020-15803.patch | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/meta-openembedded/meta-oe/recipes-connectivity/zabbix/zabbix/CVE-2020-15803.patch b/meta-openembedded/meta-oe/recipes-connectivity/zabbix/zabbix/CVE-2020-15803.patch new file mode 100644 index 0000000000..2eec4bf327 --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-connectivity/zabbix/zabbix/CVE-2020-15803.patch @@ -0,0 +1,36 @@ +From 4943334fd9bf7dffd49f9e86251ad40b3efe2135 Mon Sep 17 00:00:00 2001 +From: Wang Mingyu <wangmy@cn.fujitsu.com> +Date: Fri, 11 Dec 2020 17:02:20 +0900 +Subject: [PATCH] Fix bug for CVE-2020-15803 + +Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com> +--- + frontends/php/include/classes/html/CIFrame.php | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/frontends/php/include/classes/html/CIFrame.php b/frontends/php/include/classes/html/CIFrame.php +index 32220cd..70f2ab5 100644 +--- a/frontends/php/include/classes/html/CIFrame.php ++++ b/frontends/php/include/classes/html/CIFrame.php +@@ -29,6 +29,7 @@ class CIFrame extends CTag { + $this->setHeight($height); + $this->setScrolling($scrolling); + $this->setId($id); ++ $this->setSandbox(); + } + + public function setSrc($value = null) { +@@ -69,4 +70,10 @@ class CIFrame extends CTag { + $this->setAttribute('scrolling', $value); + return $this; + } ++ ++ private function setSandbox() { ++ if (ZBX_IFRAME_SANDBOX !== false) { ++ $this->setAttribute('sandbox', ZBX_IFRAME_SANDBOX); ++ } ++ } + } +-- +2.25.1 + |