beenull/photoprism
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Upgrade Exiftool to fix security issue #1302

Browse source
This commit is contained in:
Michael Mayer 2021-05-19 13:24:11 +02:00
parent af382db80d
commit 24b5c7e650
6 changed files with 23 additions and 107 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
Dockerfile
View file

@ -1,4 +1,4 @@
FROM photoprism/development:20210515
FROM photoprism/development:20210519
# Set up project directory
WORKDIR "/go/src/github.com/photoprism/photoprism"

5
docker/development/Dockerfile
View file

@ -85,6 +85,11 @@ RUN curl -L \
tar -C "/usr" -xz && \
ldconfig
# Update Exiftool, see https://ubuntu.com/security/CVE-2021-22204
RUN wget "http://launchpadlibrarian.net/536122424/libimage-exiftool-perl_12.16+dfsg-2_all.deb" -O /tmp/libimage-exiftool-perl.deb && \
dpkg -i /tmp/libimage-exiftool-perl.deb && \
rm /tmp/libimage-exiftool-perl.deb
# Install NodeJS
RUN curl -sL https://deb.nodesource.com/setup_14.x | bash -
RUN add-apt-repository -y ppa:saiarcot895/chromium-beta && \

7
docker/photoprism/Dockerfile
View file

@ -1,4 +1,4 @@
FROM photoprism/development:20210515 as build
FROM photoprism/development:20210519 as build
# Set up project directory
WORKDIR "/go/src/github.com/photoprism/photoprism"
@ -93,6 +93,11 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
apt-get clean && \
rm -rf /var/lib/apt/lists/*
# Update Exiftool, see https://ubuntu.com/security/CVE-2021-22204
RUN wget "http://launchpadlibrarian.net/536122424/libimage-exiftool-perl_12.16+dfsg-2_all.deb" -O /tmp/libimage-exiftool-perl.deb && \
dpkg -i /tmp/libimage-exiftool-perl.deb && \
rm /tmp/libimage-exiftool-perl.deb
# Copy dependencies
COPY --from=build /go/bin/gosu /bin/gosu
COPY --from=build /usr/lib/libtensorflow.so /usr/lib/libtensorflow.so

5
docker/photoprism/arm32/Dockerfile
View file

@ -46,6 +46,11 @@ RUN apt-get update && apt-get upgrade && \
tzdata \
gconf-service
# Update Exiftool, see https://ubuntu.com/security/CVE-2021-22204
RUN wget "http://launchpadlibrarian.net/536122424/libimage-exiftool-perl_12.16+dfsg-2_all.deb" -O /tmp/libimage-exiftool-perl.deb && \
dpkg -i /tmp/libimage-exiftool-perl.deb && \
rm /tmp/libimage-exiftool-perl.deb
# Install & configure TensorFlow for C
#
# Big thank you to Qengineering for building this!

7
docker/photoprism/arm64/Dockerfile
View file

@ -14,7 +14,7 @@ RUN echo 'Acquire::Retries "10";' > /etc/apt/apt.conf.d/80retry && \
echo 'APT::Get::Fix-Missing "true";' > /etc/apt/apt.conf.d/80fixmissin
# Install dev / build dependencies
RUN apt-get update && apt-get upgrade && \
RUN apt-get update && apt-get dist-upgrade && \
apt-get install \
gpgv \
build-essential \
@ -46,6 +46,11 @@ RUN apt-get update && apt-get upgrade && \
tzdata \
gconf-service
# Update Exiftool, see https://ubuntu.com/security/CVE-2021-22204
RUN wget "http://launchpadlibrarian.net/536122424/libimage-exiftool-perl_12.16+dfsg-2_all.deb" -O /tmp/libimage-exiftool-perl.deb && \
dpkg -i /tmp/libimage-exiftool-perl.deb && \
rm /tmp/libimage-exiftool-perl.deb
# Install & configure TensorFlow for C
#
# Big thank you to Guy Sheffer for building this!

104
frontend/package-lock.json generated
View file

@ -1687,39 +1687,6 @@
"node": ">=0.10.0"
}
},
"node_modules/@vue/reactivity": {
"version": "3.0.11",
"resolved": "https://registry.npmjs.org/@vue/reactivity/-/reactivity-3.0.11.tgz",
"integrity": "sha512-SKM3YKxtXHBPMf7yufXeBhCZ4XZDKP9/iXeQSC8bBO3ivBuzAi4aZi0bNoeE2IF2iGfP/AHEt1OU4ARj4ao/Xw==",
"optional": true,
"peer": true,
"dependencies": {
"@vue/shared": "3.0.11"
}
},
"node_modules/@vue/runtime-core": {
"version": "3.0.11",
"resolved": "https://registry.npmjs.org/@vue/runtime-core/-/runtime-core-3.0.11.tgz",
"integrity": "sha512-87XPNwHfz9JkmOlayBeCCfMh9PT2NBnv795DSbi//C/RaAnc/bGZgECjmkD7oXJ526BZbgk9QZBPdFT8KMxkAg==",
"optional": true,
"peer": true,
"dependencies": {
"@vue/reactivity": "3.0.11",
"@vue/shared": "3.0.11"
}
},
"node_modules/@vue/runtime-dom": {
"version": "3.0.11",
"resolved": "https://registry.npmjs.org/@vue/runtime-dom/-/runtime-dom-3.0.11.tgz",
"integrity": "sha512-jm3FVQESY3y2hKZ2wlkcmFDDyqaPyU3p1IdAX92zTNeCH7I8zZ37PtlE1b9NlCtzV53WjB4TZAYh9yDCMIEumA==",
"optional": true,
"peer": true,
"dependencies": {
"@vue/runtime-core": "3.0.11",
"@vue/shared": "3.0.11",
"csstype": "^2.6.8"
}
},
"node_modules/@vue/shared": {
"version": "3.0.11",
"resolved": "https://registry.npmjs.org/@vue/shared/-/shared-3.0.11.tgz",
@ -4150,13 +4117,6 @@
"node": ">=0.10.0"
}
},
"node_modules/csstype": {
"version": "2.6.17",
"resolved": "https://registry.npmjs.org/csstype/-/csstype-2.6.17.tgz",
"integrity": "sha512-u1wmTI1jJGzCJzWndZo8mk4wnPTZd1eOIYTYvuEyOQGfmDl3TrabCCfKnOC86FZwW/9djqTl933UF/cS425i9A==",
"optional": true,
"peer": true
},
"node_modules/cuint": {
"version": "0.2.2",
"resolved": "https://registry.npmjs.org/cuint/-/cuint-0.2.2.tgz",
@ -4699,18 +4659,6 @@
"node": ">=0.10.0"
}
},
"node_modules/easygettext/node_modules/vue": {
"version": "3.0.11",
"resolved": "https://registry.npmjs.org/vue/-/vue-3.0.11.tgz",
"integrity": "sha512-3/eUi4InQz8MPzruHYSTQPxtM3LdZ1/S/BvaU021zBnZi0laRUyH6pfuE4wtUeLvI8wmUNwj5wrZFvbHUXL9dw==",
"optional": true,
"peer": true,
"dependencies": {
"@vue/compiler-dom": "3.0.11",
"@vue/runtime-dom": "3.0.11",
"@vue/shared": "3.0.11"
}
},
"node_modules/easygettext/node_modules/yallist": {
"version": "3.1.1",
"resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz",
@ -16741,39 +16689,6 @@
}
}
},
"@vue/reactivity": {
"version": "3.0.11",
"resolved": "https://registry.npmjs.org/@vue/reactivity/-/reactivity-3.0.11.tgz",
"integrity": "sha512-SKM3YKxtXHBPMf7yufXeBhCZ4XZDKP9/iXeQSC8bBO3ivBuzAi4aZi0bNoeE2IF2iGfP/AHEt1OU4ARj4ao/Xw==",
"optional": true,
"peer": true,
"requires": {
"@vue/shared": "3.0.11"
}
},
"@vue/runtime-core": {
"version": "3.0.11",
"resolved": "https://registry.npmjs.org/@vue/runtime-core/-/runtime-core-3.0.11.tgz",
"integrity": "sha512-87XPNwHfz9JkmOlayBeCCfMh9PT2NBnv795DSbi//C/RaAnc/bGZgECjmkD7oXJ526BZbgk9QZBPdFT8KMxkAg==",
"optional": true,
"peer": true,
"requires": {
"@vue/reactivity": "3.0.11",
"@vue/shared": "3.0.11"
}
},
"@vue/runtime-dom": {
"version": "3.0.11",
"resolved": "https://registry.npmjs.org/@vue/runtime-dom/-/runtime-dom-3.0.11.tgz",
"integrity": "sha512-jm3FVQESY3y2hKZ2wlkcmFDDyqaPyU3p1IdAX92zTNeCH7I8zZ37PtlE1b9NlCtzV53WjB4TZAYh9yDCMIEumA==",
"optional": true,
"peer": true,
"requires": {
"@vue/runtime-core": "3.0.11",
"@vue/shared": "3.0.11",
"csstype": "^2.6.8"
}
},
"@vue/shared": {
"version": "3.0.11",
"resolved": "https://registry.npmjs.org/@vue/shared/-/shared-3.0.11.tgz",
@ -18726,13 +18641,6 @@
}
}
},
"csstype": {
"version": "2.6.17",
"resolved": "https://registry.npmjs.org/csstype/-/csstype-2.6.17.tgz",
"integrity": "sha512-u1wmTI1jJGzCJzWndZo8mk4wnPTZd1eOIYTYvuEyOQGfmDl3TrabCCfKnOC86FZwW/9djqTl933UF/cS425i9A==",
"optional": true,
"peer": true
},
"cuint": {
"version": "0.2.2",
"resolved": "https://registry.npmjs.org/cuint/-/cuint-0.2.2.tgz",
@ -19147,18 +19055,6 @@
"integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==",
"optional": true
},
"vue": {
"version": "3.0.11",
"resolved": "https://registry.npmjs.org/vue/-/vue-3.0.11.tgz",
"integrity": "sha512-3/eUi4InQz8MPzruHYSTQPxtM3LdZ1/S/BvaU021zBnZi0laRUyH6pfuE4wtUeLvI8wmUNwj5wrZFvbHUXL9dw==",
"optional": true,
"peer": true,
"requires": {
"@vue/compiler-dom": "3.0.11",
"@vue/runtime-dom": "3.0.11",
"@vue/shared": "3.0.11"
}
},
"yallist": {
"version": "3.1.1",
"resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz",