From 6549442c0b61b62e1fe32ce2ebdbdf364d0e453b Mon Sep 17 00:00:00 2001
From: Syed Muhammad Dawoud Sheraz Ali <40599381+DawoudSheraz@users.noreply.github.com>
Date: Fri, 26 Jul 2024 18:03:28 +0500
Subject: [PATCH] security: add upstream security patch in Open edX image (#1100)

---
 .../20240725_221432_dawoud.sheraz_july_25_security_patch.md | 1 +
 tutor/templates/build/openedx/Dockerfile | 5 +++++
 2 files changed, 6 insertions(+)
 create mode 100644 changelog.d/20240725_221432_dawoud.sheraz_july_25_security_patch.md

diff --git a/changelog.d/20240725_221432_dawoud.sheraz_july_25_security_patch.md b/changelog.d/20240725_221432_dawoud.sheraz_july_25_security_patch.md
new file mode 100644
index 0000000000..39a3c8e83c
--- /dev/null
+++ b/changelog.d/20240725_221432_dawoud.sheraz_july_25_security_patch.md
@@ -0,0 +1 @@
+- [Security] Add upstream security fix as patch in Open edX image (by @dawoudsheraz)
diff --git a/tutor/templates/build/openedx/Dockerfile b/tutor/templates/build/openedx/Dockerfile
index c9c933266d..f89277bbee 100644
--- a/tutor/templates/build/openedx/Dockerfile
+++ b/tutor/templates/build/openedx/Dockerfile
@@ -53,6 +53,11 @@ RUN git config --global user.email "tutor@overhang.io" \
 # Patches in nightly node
 {%- else %}
 # Patches in non-nightly mode
+# Security patch around content library permissions
+# https://discuss.openedx.org/t/security-upcoming-security-release-for-edx-platform-2024-07-25/13473
+# https://github.com/openedx/edx-platform/pull/35180
+RUN curl -fsSL https://github.com/openedx/edx-platform/commit/3160ff68ca4a4516375af3307fe84f22cd5e5b36.patch | git am
+
 {%- endif %}
 
 {# Example: RUN curl -fsSL https://github.com/openedx/edx-platform/commit/.patch | git am #}
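Review bot: The added `RUN curl -fsSL …3160ff68ca4a4516375af3307fe84f22cd5e5b36.patch | git am` line runs under the default `/bin/sh -c` with no `pipefail`, so the step's exit status is `git am`'s alone. A failed or interrupted download is caught only if `git am` happens to reject whatever reached its stdin. Downloading to a file first makes a fetch failure stop the build on its own, for example `RUN curl -fsSL <patch-url> -o /tmp/security.patch && git am /tmp/security.patch` (the path is illustrative). The full commit SHA in the URL pins what GitHub is asked for, but nothing is verified locally and every image build depends on that endpoint; vendoring the patch file into the build context would remove both concerns. It would also help to extend the comment with the condition for deleting this line, such as `# Remove once the fix is part of the release tag this image builds from`, because `git am` will presumably fail once the change is already in the checked-out tree.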