[보안패치] 그누보드 5.2.9.7 > 그누보드5 다운로드

그누보드5 다운로드

SIR은 그누보드를 만들 뿐 프로그램의 설치, 운영방법, 설정문제에 관한 도움을 드리지는 않습니다.

[보안패치] 그누보드 5.2.9.7 정보

[보안패치] 그누보드 5.2.9.7

첨부파일

첨부파일 gnuboard5.2.9.7.tar.gz (6.2M) 889회 다운로드 2017-12-07 11:53:29
첨부파일 gnuboard5.2.9.7.patch.tar.gz (269.0K) 99회 다운로드 2017-12-07 11:53:29

본문

5.3 버전에 대한 보안패치는 여러 작업이 맞물려 있어서 늦어질수 있습니다.


** 수정내역 **


그누보드 XSS 취약점 (17-876, 17-879) 수정 ( KISA 에서 알려주셨습니다. )
그누보드4 import 코드 수정
php 7.2 버전에서 오류 나는 코드 수정
htmlpurifier 4.9.3 버전의 변경
가비아 호스팅에서 설치시 에러 문제 수정
php 잘못된 숏태그 수정
그누보드4 가져오기 코드에 게시판 모바일 설정 추가 적용
최신글 캐시 파일 삭제 취약점 수정
스팸글댓글 유입을 줄이려고 링크에 nofollow 추가함 ( 구글 검색팀 에서 알려주셨습니다. )
5.2.9.7 버전 수정



https://github.com/gnuboard/gnuboard5/commit/9f89455b3cae154ac3c0ab8b5aa23b155265b4d2
https://github.com/gnuboard/gnuboard5/commit/fd1ec11ad10eda15a4c36ae65072067622d8c36d
https://github.com/gnuboard/gnuboard5/commit/6c4353fffe78c51ee70d9d028d9b6b164ae72a3c
https://github.com/gnuboard/gnuboard5/commit/907db24187183cea27edfb0788613b2365058998
https://github.com/gnuboard/gnuboard5/commit/7831d9dfb63ff44474b52f883c1b9fa935affbd6
https://github.com/gnuboard/gnuboard5/commit/19e0ea60a705d55df8e5bca93b943d21a916fa30
https://github.com/gnuboard/gnuboard5/commit/ea55f3880e45e5c9e4a5f11b31f91c4bdfc196bb
https://github.com/gnuboard/gnuboard5/commit/6bf57bd4c6fdc0645e256037dcbda532326d38b1
https://github.com/gnuboard/gnuboard5/commit/8b096e770c1ba7e44424794860d89e46013932a7
https://github.com/gnuboard/gnuboard5/commit/82279c376ba339fe814ec478da83ac8c24e7240f





bc68c4b Merge branch 'master' of github.com:gnuboard/g5
82279c3 5.2.9.7 버전 수정
M      config.php
8b096e7 스팸글댓글 유입을 줄이려고 링크에 nofollow 추가함
M      lib/common.lib.php
A      plugin/htmlpurifier/extend.video.php
6bf57bd 최신글 캐시 파일 삭제 취약점 수정
M      lib/common.lib.php
ea55f38 그누보드4 가져오기 코드에 게시판 모바일 설정 추가 적용
M      g4_import_run.php
19e0ea6 php 잘못된 숏태그 수정
M      adm/mail_select_list.php
M      adm/visit_search.php
7831d9d 가비아 호스팅에서 설치시 에러 문제 수정
M      common.php
907db24 htmlpurifier 4.9.3 버전의 변경
M      plugin/htmlpurifier/HTMLPurifier.standalone.php
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/Builder/ConfigSchema.php
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/Builder/Xml.php
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/Exception.php
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/Interchange.php
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/Interchange/Directive.php
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/Interchange/Id.php
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/InterchangeBuilder.php
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/Validator.php
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/ValidatorAtom.php
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema.ser
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.AllowedClasses.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.AllowedFrameTargets.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.AllowedRel.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.AllowedRev.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.ClassUseCDATA.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.DefaultImageAlt.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.DefaultInvalidImage.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.DefaultInvalidImageAlt.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.DefaultTextDir.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.EnableID.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.ForbiddenClasses.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.ID.HTML5.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.IDBlacklist.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.IDBlacklistRegexp.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.IDPrefix.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Attr.IDPrefixLocal.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.AutoParagraph.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.Custom.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.DisplayLinkURI.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.Linkify.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.PurifierLinkify.DocURL.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.PurifierLinkify.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.Predicate.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.RemoveNbsp.Exceptions.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.RemoveNbsp.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveSpansWithoutAttributes.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/CSS.AllowDuplicates.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/CSS.AllowImportant.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/CSS.AllowTricky.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/CSS.AllowedFonts.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/CSS.AllowedProperties.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/CSS.DefinitionRev.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/CSS.ForbiddenProperties.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/CSS.MaxImgLength.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/CSS.Proprietary.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/CSS.Trusted.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Cache.DefinitionImpl.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Cache.SerializerPath.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Cache.SerializerPermissions.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.AggressivelyFixLt.txt
A      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.AggressivelyRemoveScript.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.AllowHostnameUnderscore.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.CollectErrors.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.ColorKeywords.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.ConvertDocumentToFragment.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.DirectLexLineNumberSyncInterval.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.DisableExcludes.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.EnableIDNA.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.Encoding.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.EscapeInvalidChildren.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.EscapeInvalidTags.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.EscapeNonASCIICharacters.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.HiddenElements.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.Language.txt
A      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.LegacyEntityDecoder.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.LexerImpl.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.MaintainLineNumbers.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.NormalizeNewlines.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.RemoveInvalidImg.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.RemoveProcessingInstructions.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.RemoveScriptContents.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Filter.Custom.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.Escaping.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.Scope.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.TidyImpl.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Filter.YouTube.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.Allowed.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.AllowedAttributes.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.AllowedComments.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.AllowedCommentsRegexp.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.AllowedElements.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.AllowedModules.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.Attr.Name.UseCDATA.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.BlockWrapper.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.CoreModules.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.CustomDoctype.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.DefinitionID.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.DefinitionRev.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.Doctype.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.FlashAllowFullScreen.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenAttributes.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenElements.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.MaxImgLength.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.Nofollow.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.Parent.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.Proprietary.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.SafeEmbed.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.SafeIframe.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.SafeObject.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.SafeScripting.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.Strict.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.TargetBlank.txt
A      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.TargetNoopener.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.TargetNoreferrer.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.TidyAdd.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.TidyLevel.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.TidyRemove.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.Trusted.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.XHTML.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Output.CommentScriptContents.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Output.FixInnerHTML.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Output.FlashCompat.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Output.Newline.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Output.SortAttr.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Output.TidyFormat.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Test.ForceNoIconv.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.AllowedSchemes.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.Base.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.DefaultScheme.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.DefinitionID.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.DefinitionRev.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.Disable.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.DisableExternal.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.DisableExternalResources.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.DisableResources.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.Host.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.HostBlacklist.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.MakeAbsolute.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.Munge.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.MungeResources.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.MungeSecretKey.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.OverrideAllowedSchemes.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/URI.SafeIframeRegexp.txt
M      plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/info.ini
M      plugin/htmlpurifier/standalone/HTMLPurifier/Filter/ExtractStyleBlocks.php
M      plugin/htmlpurifier/standalone/HTMLPurifier/Filter/YouTube.php
M      plugin/htmlpurifier/standalone/HTMLPurifier/Language/classes/en-x-test.php
M      plugin/htmlpurifier/standalone/HTMLPurifier/Language/messages/en-x-test.php
M      plugin/htmlpurifier/standalone/HTMLPurifier/Language/messages/en-x-testmini.php
M      plugin/htmlpurifier/standalone/HTMLPurifier/Language/messages/en.php
M      plugin/htmlpurifier/standalone/HTMLPurifier/Lexer/PH5P.php
M      plugin/htmlpurifier/standalone/HTMLPurifier/Printer.php
M      plugin/htmlpurifier/standalone/HTMLPurifier/Printer/CSSDefinition.php
M      plugin/htmlpurifier/standalone/HTMLPurifier/Printer/ConfigForm.css
M      plugin/htmlpurifier/standalone/HTMLPurifier/Printer/ConfigForm.js
M      plugin/htmlpurifier/standalone/HTMLPurifier/Printer/ConfigForm.php
M      plugin/htmlpurifier/standalone/HTMLPurifier/Printer/HTMLDefinition.php
5a424d5 Merge branch 'master' of github.com:gnuboard/g5
6c4353f php 7.2 버전에서 오류 나는 코드 수정
M      adm/admin.lib.php
M      bbs/group.php
M      common.php
M      mobile/skin/popular/basic/popular.skin.php
M      skin/popular/basic/popular.skin.php
M      theme/basic/group.php
M      theme/basic/mobile/skin/popular/basic/popular.skin.php
M      theme/basic/skin/popular/basic/popular.skin.php
fd1ec11 그누보드4 import 코드 수정
M      g4_import_run.php
9f89455 그누보드 XSS 취약점 (17-876, 17-879) 수정
M      adm/sendmail_test.php
M      plugin/editor/smarteditor2/photo_uploader/popup/index.html
D      plugin/editor/smarteditor2/photo_uploader/popup/js/jquery-1.8.3.min.js
D      plugin/editor/smarteditor2/photo_uploader/popup/js/jquery-ui.min.js

댓글 전체

빌더를 쓰고 있거나,
기존에 소스코드를 수정해서 사용하고 있다면
해당 패치를 그대로 덮어쓰기 하면 안됩니다.

빌더를 쓴다면 패치를 해당 빌더에서 패치 해줄때까지 기다려야 합니다.
소스코드를 수정한 경우이면, php 에러 로그 보면서 소스코드를 꼼꼼히 수정해야 합니다.
게시판 게시글에 댓글형식의 답변 달고 수정하면 새로 답변이 달려서 밑에 자바스크립트 보니 comment_box에서 work 인자를 무조건 c로 보내고 있어서 수정했는데.. 혹시 저만 그런건가요?
전체 178 |RSS
그누보드5 다운로드 내용 검색

회원로그인

진행중인 포인트경매

  1. 첨단보안 역해킹과 해커박스

    참여11 회 시작17.12.15 10:22 종료17.12.20 10:22
  2. 홈플러스 모바일 쿠폰 50,000원

    참여79 회 시작17.12.13 22:51 종료17.12.18 22:51

(주)에스아이알소프트 (06253) 서울특별시 강남구 도곡로1길 14, 6층 624호 (역삼동, 삼일프라자) 대표메일:admin@sir.kr
사업자등록번호:217-81-36347 대표:홍석명 통신판매업신고번호:2014-서울강남-02098호 개인정보보호책임자:이총

© SIRSOFT