Moe Open Source Alliance Community Blog

A Record of Two WordPress Vulnerabilities

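WordPress and bbPress have each recently had one vulnerability disclosed. Upgrading the whole application is of course the better option, but the issue is that wp-login.php in the root directory and pluggable.php in the wp-includes directory are the files that need the bug fix, and this has been the case in almost every recent release. If you are feeling lazy, just patch whatever is broken! The ImageMagick component has also recently had a vulnerability disclosed, and it is best to fix that as well so it does not cause trouble. Here is a fix script developed by yeho that you can take a look at!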

(Urgent notice: do not patch a single file on its own, as this may cause unexpected errors. I have already tried it for you!)

ImageMagick upgrade script - OneinStack

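On May 3, a serious 0day vulnerability (CVE-2016-3714) in the image-processing software ImageMagick was made public. An attacker can use this vulnerability to execute arbitrary commands, and ultimately steal important information and gain control of the server.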

For details, see: https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588

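The vulnerability is fixed in versions 6.9.3-10, 7.0.1-1 and later. The following shows how earlier installs of OneinStack or the "lnmp one-click install package" can be upgraded to fix it (a freshly downloaded OneinStack is already upgraded by default and does not have this vulnerability):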

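    cd /root/oneinstack   # enter the oneinstack tool directory
    #cd /root/lnmp        # if you installed with lnmp
    tmux                  # enter tmux so that a dropped connection does not interrupt the upgrade
    wget http://mirrors.linuxeye.com/scripts/update_ImageMagick.sh   # download the upgrade script
    chmod +x update_ImageMagick.sh   # grant execute permission
    ./update_ImageMagick.sh          # upgrade; note: do not run the script as "sh update_ImageMagick.sh" or "bash update_ImageMagick.sh"

The figure below indicates a successful upgrade: [figure: update_ImageMagick]

The script (update_ImageMagick.sh) is as follows: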

    #!/bin/bash
    # Author:  yeho <lj2007331 AT gmail.com>
    # BLOG:  https://blog.linuxeye.com
    #
    # Notes: OneinStack for CentOS/RadHat 5+ Debian 6+ and Ubuntu 12+
    #
    # Project home page:
    #       http://oneinstack.com
    #       https://github.com/lj2007331/oneinstack

    export PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
    clear
    printf "
    #######################################################################
    #       OneinStack for CentOS/RadHat 5+ Debian 6+ and Ubuntu 12+      #
    #       upgrade ImageMagick for OneinStack                            #
    #       For more information please visit http://oneinstack.com       #
    #######################################################################
    "

    . ./options.conf
    . ./include/color.sh
    . ./include/download.sh

    ImageMagick_version=6.9.4-1
    imagick_version=3.4.1

    if [ -e "/usr/local/imagemagick/bin/convert" ];then
      OLD_ImageMagick_version=`/usr/local/imagemagick/bin/Magick-config --version | awk '{print $1}'`
    else
      echo "${CWARNING}You do not have to install Imagemagick! ${CEND}"
      exit 1
    fi

    Stop_ImageMagick() {
      if [ -e "$php_install_dir/etc/php.d/ext-imagick.ini" ];then
        /bin/mv $php_install_dir/etc/php.d/ext-imagick.ini{,_bk}
      elif [ ! -e "$php_install_dir/etc/php.d/ext-imagick.ini" -a -n "`grep imagick.so $php_install_dir/etc/php.ini`" ];then
        sed -i 's@extension.*imagick.so.*@;&@' $php_install_dir/etc/php.ini
      fi
      [ -e "$apache_install_dir/conf/httpd.conf" ] && service httpd restart || service php-fpm restart
      /bin/mv /usr/local/imagemagick{,_`date +"%Y%m%d_%H%M%S"`}
    }

    Start_ImageMagick() {
      if [ -e "$php_install_dir/etc/php.d/ext-imagick.ini_bk" ];then
        /bin/mv $php_install_dir/etc/php.d/ext-imagick.ini{_bk,}
      elif [ ! -e "$php_install_dir/etc/php.d/ext-imagick.ini" -a -n "`grep imagick.so $php_install_dir/etc/php.ini`" ];then
        sed -i 's@;extension.*imagick.so.*@extension=imagick.so@' /usr/local/php/etc/php.ini
      fi
      [ -e "$apache_install_dir/conf/httpd.conf" ] && service httpd restart || service php-fpm restart
    }

    Check_ImageMagick() {
      if [ -n "`/usr/local/imagemagick/bin/convert -version | grep "$ImageMagick_version"`" ];then
        echo "You have ${CMSG}successfully${CEND} upgrade from ${CWARNING}$OLD_ImageMagick_version${CEND} to ${CWARNING}$ImageMagick_version${CEND}"
      else
        echo "${CWARNING}Imagemagick upgrade failed! ${CEND}"
      fi
    }

    Install_ImageMagick() {
      cd $oneinstack_dir/src
      src_url=http://mirrors.linuxeye.com/oneinstack/src/ImageMagick-$ImageMagick_version.tar.gz && Download_src
      tar xzf ImageMagick-$ImageMagick_version.tar.gz
      cd ImageMagick-$ImageMagick_version
      ./configure --prefix=/usr/local/imagemagick --enable-shared --enable-static
      make && make install
      cd ..
      rm -rf ImageMagick-$ImageMagick_version
      cd ..
    }

    Install_php-imagick() {
      cd $oneinstack_dir/src
      if [ -e "$php_install_dir/bin/phpize" ];then
        if [ "`$php_install_dir/bin/php -r 'echo PHP_VERSION;' | awk -F. '{print $1"."$2}'`" == '5.3' ];then
          src_url=http://mirrors.linuxeye.com/oneinstack/src/imagick-3.3.0.tgz && Download_src
          tar xzf imagick-3.3.0.tgz
          cd imagick-3.3.0
        else
          src_url=http://mirrors.linuxeye.com/oneinstack/src/imagick-$imagick_version.tgz && Download_src
          tar xzf imagick-$imagick_version.tgz
          cd imagick-$imagick_version
        fi
        make clean
        export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig
        $php_install_dir/bin/phpize
        ./configure --with-php-config=$php_install_dir/bin/php-config --with-imagick=/usr/local/imagemagick
        make && make install
        cd ..
        rm -rf imagick-$imagick_version
      fi
      cd ..
    }

    Stop_ImageMagick
    Install_ImageMagick
    Install_php-imagick
    Start_ImageMagick
    Check_ImageMagick

Tue May 10 21:51:18 CST 2016
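
Check_ImageMagick in the script above only looks for the exact target version string. The following is an added example, not part of update_ImageMagick.sh or OneinStack: POSIX shell functions that test whether an installed version is at or above the fixed releases named above (6.9.3-10 and 7.0.1-1). The function names and the sample "convert -version" line are constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of update_ImageMagick.sh.
# Fixed releases for CVE-2016-3714 as stated on this page: 6.9.3-10 and 7.0.1-1.

# Print the MAJOR.MINOR.PATCH-REV token from `convert -version` output on stdin.
extract_version() {
    sed -n 's/^Version: ImageMagick \([0-9][0-9.]*-[0-9][0-9]*\).*/\1/p' | head -n 1
}

# Split MAJOR.MINOR.PATCH-REV into four integers (missing fields become 0).
# The body runs in a subshell so the IFS change never leaks to the caller.
split_ver() (
    IFS=.-
    set -- $1
    echo "${1:-0} ${2:-0} ${3:-0} ${4:-0}"
)

# ver_ge A B: succeed when A >= B, comparing each field numerically.
ver_ge() {
    set -- $(split_ver "$1") $(split_ver "$2")   # $1..$4 = A, $5..$8 = B
    while [ "$#" -gt 4 ]; do
        [ "$1" -gt "$5" ] && return 0
        [ "$1" -lt "$5" ] && return 1
        shift                                    # keeps $1 and $5 aligned
    done
    return 0
}

# Return 0 = at or above the fix for its branch, 1 = older, 2 = not recognised.
imagemagick_patched() {
    case $1 in
        ''|*[!0-9.-]*) return 2 ;;
        6.*) ver_ge "$1" 6.9.3-10 ;;
        7.*) ver_ge "$1" 7.0.1-1 ;;
        *) return 2 ;;
    esac
}

# Constructed sample of the first line of `convert -version` (not from a real host).
SAMPLE='Version: ImageMagick 6.9.3-7 Q16 x86_64 2016-04-01 http://www.imagemagick.org'

convert_bin=/usr/local/imagemagick/bin/convert   # install prefix used by the script above
if [ -x "$convert_bin" ]; then
    found=$("$convert_bin" -version | extract_version)
else
    found=$(printf '%s\n' "$SAMPLE" | extract_version)
fi
if imagemagick_patched "$found"; then
    echo "ImageMagick $found: at or above the fixed release"
else
    echo "ImageMagick $found: older than the fixed release, or not recognised"
fi
```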
