Skip to content

Commit 656f83b

Browse files
author
gau1991
committed
Merge branch 'master' into stable
2 parents f12909f + c9deb48 commit 656f83b

File tree

5 files changed

+17
-6
lines changed

5 files changed

+17
-6
lines changed

CHANGELOG.txt

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,6 @@
1+
v 3.1.4 - May 7, 2015
2+
- Fixed XSS Vulnerability found in some WordPress themes and plugins
3+
14
v 3.1.3 - May 6, 2015
25
- EasyEngine now fixes missing GPG keys automatically, fixes #470
36
- Fixed Nginx hash bucket issue, fixes #449

ee/cli/templates/locations.mustache

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -33,8 +33,8 @@ location ~* ^.+\.(bak|log|old|orig|original|php#|php~|php_bak|save|swo|swp|sql)$
3333
access_log off;
3434
log_not_found off;
3535
}
36-
# Return 403 forbidden for readme.(txt|html) or license.(txt|html)
37-
if ($request_uri ~* "^.+(readme|license)\.(txt|html)$") {
36+
# Return 403 forbidden for readme.(txt|html) or license.(txt|html) or example.(txt|html)
37+
if ($request_uri ~* "^.+(readme|license|example)\.(txt|html)$") {
3838
return 403;
3939
}
4040
# Status pages

ee/core/variables.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,7 @@ class EEVariables():
1212
"""Intialization of core variables"""
1313

1414
# EasyEngine version
15-
ee_version = "3.1.3"
15+
ee_version = "3.1.4"
1616

1717
# EasyEngine packages versions
1818
ee_wp_cli = "0.19.0"

install

Lines changed: 10 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -48,7 +48,7 @@ fi
4848
# Define variables for later use
4949
ee_branch=$1
5050
readonly ee_version_old="2.2.3"
51-
readonly ee_version_new="3.1.3"
51+
readonly ee_version_new="3.1.4"
5252
readonly ee_log_dir=/var/log/ee/
5353
readonly ee_install_log=/var/log/ee/install.log
5454
readonly ee_linux_distro=$(lsb_release -i | awk '{print $3}')
@@ -305,6 +305,14 @@ function ee_update_latest()
305305
if [ $? -eq 0 ]; then
306306
update-rc.d hhvm defaults &>> /dev/null
307307
fi
308+
309+
# Fix WordPress example.html issue
310+
# Ref: http://wptavern.com/xss-vulnerability-in-jetpack-and-the-twenty-fifteen-default-theme-affects-millions-of-wordpress-users
311+
dpkg --get-selections | grep -v deinstall | grep nginx &>> /dev/null
312+
if [ $? -eq 0 ]; then
313+
cp /usr/lib/ee/templates/locations.mustache /etc/nginx/common/locations.conf &>> /dev/null
314+
fi
315+
308316
}
309317

310318
# Do git intialisation
@@ -361,8 +369,8 @@ else
361369
ee_install_dep | tee -ai $ee_install_log
362370
ee_sync_db 2&>>1 $EE_INSTALL_LOG
363371
secure_ee_db | tee -ai $EE_INSTALL_LOG
364-
ee_update_latest | tee -ai $ee_install_log
365372
ee_install | tee -ai $ee_install_log
373+
ee_update_latest | tee -ai $ee_install_log
366374
ee_git_init | tee -ai $ee_install_log
367375
service nginx reload &>> /dev/null
368376
service php5-fpm restart &>> /dev/null

setup.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -54,7 +54,7 @@
5454
os.system("git config --global user.email {0}".format(ee_email))
5555

5656
setup(name='ee',
57-
version='3.1.3',
57+
version='3.1.4',
5858
description=long_description,
5959
long_description=long_description,
6060
classifiers=[],

0 commit comments

Comments
 (0)