CVE-2023-22527 - RCE (Remote Code Execution) Vulnerability In Conflue…
…nce Data Center and Confluence Server
1 parent
a6df3c3
commit 9206be4
Showing
119 changed files
with
5,102 additions
and
8 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,41 @@ | ||
FROM debian:buster | ||
MAINTAINER Anatoliy Zimovskiy <[email protected]> | ||
|
||
ENV DEBIAN_FRONTEND noninteractive | ||
|
||
#editing sources list | ||
RUN rm /etc/apt/sources.list | ||
COPY sources.list /etc/apt/sources.list | ||
COPY locale.gen /etc/locale.gen | ||
|
||
# fix errors | ||
RUN echo 'debconf debconf/frontend select Noninteractive' | debconf-set-selections | ||
|
||
#installing utils | ||
RUN apt-get update && apt-get install -y --allow-unauthenticated ca-certificates gnupg sudo apt-transport-https lsb-release apt-utils locales console-cyrillic wget curl htop mc tmux iftop cmatrix iputils-ping cmatrix-xfont lsof lynx fontconfig smbclient nano | ||
|
||
#installing nginx repo | ||
RUN wget -O /etc/apt/trusted.gpg.d/nginx-mainline.gpg https://packages.sury.org/nginx-mainline/apt.gpg | ||
RUN sh -c 'echo "deb https://packages.sury.org/nginx-mainline/ buster main" > /etc/apt/sources.list.d/nginx-mainline.list' | ||
|
||
#installing packages | ||
RUN apt-get update && apt-get install -y --allow-unauthenticated libgd-tools geoip-bin nginx-doc ssl-cert nginx-extras openssl libnginx-mod-http-cache-purge libnginx-mod-http-dav-ext libnginx-mod-http-geoip libnginx-mod-http-headers-more-filter libnginx-mod-http-lua libnginx-mod-http-uploadprogress libnginx-mod-mail libnginx-mod-stream libnginx-mod-http-xslt-filter | ||
|
||
RUN ln -sf /dev/stdout /var/log/nginx/access.log && \ | ||
ln -sf /dev/stderr /var/log/nginx/error.log | ||
|
||
#After install fixes | ||
RUN localedef en_US.UTF-8 -i en_US -f UTF-8 | ||
RUN update-locale LC_ALL=en_US.UTF-8 LANG=en_US.UTF-8 | ||
RUN apt update | ||
RUN apt upgrade -y | ||
RUN apt dist-upgrade -y | ||
RUN apt-get clean autoclean | ||
RUN apt-get autoremove -y | ||
RUN rm -rf /var/lib/apt/lists/* | ||
|
||
#final config | ||
VOLUME ["/var/cache/nginx"] | ||
EXPOSE 80 443 | ||
|
||
CMD ["nginx", "-g", "daemon off;"] |
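Review bot: Both `apt-get install` lines pass `--allow-unauthenticated`, which tells APT to install packages whose signatures it cannot verify, so whatever the configured mirrors or packages.sury.org serve is accepted as-is. The nginx repository key is already written to `/etc/apt/trusted.gpg.d/nginx-mainline.gpg`, so the flag should not be needed for that repository; I would drop it and let the build fail on a signature error, i.e. `RUN apt-get update && apt-get install -y ca-certificates gnupg …`. If it was added because the copied `sources.list` (not shown in this section) lists unsigned sources, that is better fixed in that file than suppressed here. The same flag appears in the jdk11, jdk16, jdk6, jdk7 and jdk8 Dockerfiles later in this commit.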
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
all: nginx | ||
|
||
nginx: | ||
docker build --compress -t epicmorg/balancer:legacy . |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,30 @@ | ||
# Compose example | ||
|
||
```yml | ||
version: '3.7' | ||
services: | ||
balancer: | ||
image: epicmorg/balancer | ||
restart: unless-stopped | ||
ports: | ||
- "0.0.0.0:80:80" | ||
- "0.0.0.0:443:443" | ||
volumes: | ||
- /etc/localtime:/etc/localtime | ||
- /etc/timezone:/etc/timezone | ||
- /etc/letsencrypt:/etc/letsencrypt | ||
- nginx:/etc/nginx | ||
- nginx-usr:/usr/share/nginx/html | ||
- /var/lib/nginx | ||
# extra_hosts: | ||
# - "example.com:192.168.0.11" | ||
depends_on: | ||
- websites | ||
tmpfs: | ||
- /tmp | ||
volumes: | ||
nginx: | ||
external: true | ||
nginx-usr: | ||
external: true | ||
``` |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
# Difference between images | ||
|
||
* `base` - main image based from debian `buster-slim` with enhanced `sources.list`. | ||
* `edge` - more recent system image. based on `base` image with switched to `sid` (`sid-slim`) update-channel. | ||
* `devel` - just enhanced `edge` image with preinstalled some pre requirements. |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
FROM epicmorg/devel | ||
LABEL maintainer="EpicMorg DevTeam, [email protected]" | ||
ARG DEBIAN_FRONTEND=noninteractive | ||
|
||
################################################################## | ||
# installing java11 | ||
################################################################## | ||
RUN wget -qO - https://adoptopenjdk.jfrog.io/adoptopenjdk/api/gpg/key/public | apt-key add - && \ | ||
echo 'deb https://adoptopenjdk.jfrog.io/adoptopenjdk/deb/ buster main' > /etc/apt/sources.list.d/adoptopenjdk-official.list && \ | ||
apt-get update && \ | ||
apt-get autoremove -y && \ | ||
apt-get install -y --allow-unauthenticated adoptopenjdk-11-hotspot && \ | ||
mkdir /usr/lib/jvm/adoptopenjdk-11-hotspot-amd64/jre && \ | ||
ln -s /usr/lib/jvm/adoptopenjdk-11-hotspot-amd64/bin/ /usr/lib/jvm/adoptopenjdk-11-hotspot-amd64/jre/bin && \ | ||
ln -s /usr/lib/jvm/adoptopenjdk-11-hotspot-amd64/lib/ /usr/lib/jvm/adoptopenjdk-11-hotspot-amd64/jre/lib | ||
|
||
|
||
################################################################## | ||
# cleaninig up | ||
################################################################## | ||
RUN apt clean -y && \ | ||
apt autoclean -y && \ | ||
rm -rfv /var/lib/apt/lists/* && \ | ||
rm -rfv /var/cache/apt/archives/*.deb |
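Review bot: The signing key on the first `RUN` line is piped from `wget` straight into `apt-key add -`, so whatever the URL returns becomes a trusted key for every APT source in the image, and nothing checks that it is the key the vendor publishes. Under the default `/bin/sh` the pipeline's exit status is that of `apt-key`, so a failed or truncated download is not reliably caught either. I would save the key to its own keyring file, compare its fingerprint with a value pinned in the Dockerfile (`<EXPECTED_FINGERPRINT>`, placeholder), and scope it to this repository with a line such as `deb [signed-by=/usr/share/keyrings/adoptopenjdk.gpg] https://adoptopenjdk.jfrog.io/adoptopenjdk/deb/ buster main` (keyring path is an example). The jdk16 and jdk8 Dockerfiles use the same line, and the jdk6 and jdk7 ones use the same pattern with a different key.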
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
all: app | ||
|
||
app: | ||
make build | ||
make deploy | ||
make clean | ||
|
||
build: | ||
docker-compose build --compress --parallel | ||
|
||
deploy: | ||
docker-compose push | ||
|
||
clean: | ||
docker container prune -f | ||
docker image prune -f | ||
docker network prune -f | ||
docker volume prune -f | ||
docker system prune -af |
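Review bot: The `clean` target is not limited to what this Makefile built: `docker volume prune -f` and `docker system prune -af` act on the whole Docker host, removing unused volumes, all unused images, networks and build cache, and `app` runs it after every build and push. On a shared build machine or a workstation that can delete other projects' images and data. I would drop the `make clean` line from `app` so the prune is an explicit, separate step, and reduce `clean` to `docker image prune -f` unless a host-wide wipe is really intended. The Makefiles for the other jdk images in this commit carry the identical target.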
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
version: '3.9' | ||
services: | ||
app: | ||
image: "epicmorg/devel:jdk11" | ||
build: | ||
context: . |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
FROM epicmorg/devel | ||
LABEL maintainer="EpicMorg DevTeam, [email protected]" | ||
ARG DEBIAN_FRONTEND=noninteractive | ||
|
||
################################################################## | ||
# installing java16 | ||
################################################################## | ||
RUN wget -qO - https://adoptopenjdk.jfrog.io/adoptopenjdk/api/gpg/key/public | apt-key add - && \ | ||
echo 'deb https://adoptopenjdk.jfrog.io/adoptopenjdk/deb/ buster main' > /etc/apt/sources.list.d/adoptopenjdk-official.list && \ | ||
apt-get update && \ | ||
apt-get autoremove -y && \ | ||
apt-get install -y --allow-unauthenticated adoptopenjdk-16-hotspot && \ | ||
mkdir /usr/lib/jvm/adoptopenjdk-16-hotspot-amd64/jre && \ | ||
ln -s /usr/lib/jvm/adoptopenjdk-16-hotspot-amd64/bin/ /usr/lib/jvm/adoptopenjdk-16-hotspot-amd64/jre/bin && \ | ||
ln -s /usr/lib/jvm/adoptopenjdk-16-hotspot-amd64/lib/ /usr/lib/jvm/adoptopenjdk-16-hotspot-amd64/jre/lib | ||
|
||
|
||
################################################################## | ||
# cleaninig up | ||
################################################################## | ||
RUN apt clean -y && \ | ||
apt autoclean -y && \ | ||
rm -rfv /var/lib/apt/lists/* && \ | ||
rm -rfv /var/cache/apt/archives/*.deb |
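Review bot: `FROM epicmorg/devel` carries no tag, so the build resolves to whatever `latest` points at on the day it runs, and the resulting `epicmorg/devel:jdk16` image can neither be reproduced nor traced to a known base. I would pin the base to an explicit tag and, for published images, a digest, e.g. `FROM epicmorg/devel:<TAG>@sha256:<DIGEST>` (placeholders; the page does not show which tags exist). The same untagged `FROM` opens the jdk11, jdk6, jdk7 and jdk8 Dockerfiles in this commit.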
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
all: app | ||
|
||
app: | ||
make build | ||
make deploy | ||
make clean | ||
|
||
build: | ||
docker-compose build --compress --parallel | ||
|
||
deploy: | ||
docker-compose push | ||
|
||
clean: | ||
docker container prune -f | ||
docker image prune -f | ||
docker network prune -f | ||
docker volume prune -f | ||
docker system prune -af |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
version: '3.9' | ||
services: | ||
app: | ||
image: "epicmorg/devel:jdk16" | ||
build: | ||
context: . |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
FROM epicmorg/devel | ||
LABEL maintainer="EpicMorg DevTeam, [email protected]" | ||
ARG DEBIAN_FRONTEND=noninteractive | ||
|
||
################################################################## | ||
# installing java6 | ||
################################################################## | ||
RUN wget -qO - http://repos.azulsystems.com/RPM-GPG-KEY-azulsystems | apt-key add - && \ | ||
echo 'deb http://repos.azulsystems.com/debian stable main' > /etc/apt/sources.list.d/zulu.list && \ | ||
apt-get update -y && \ | ||
apt-get install -y --allow-unauthenticated zulu-6 && \ | ||
java -version | ||
|
||
################################################################## | ||
# cleaninig up | ||
################################################################## | ||
RUN apt clean -y && \ | ||
apt autoclean -y && \ | ||
rm -rfv /var/lib/apt/lists/* && \ | ||
rm -rfv /var/cache/apt/archives/*.deb |
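Review bot: Both the signing key and the repository on the first `RUN` line are fetched over plain `http://`, and the install line passes `--allow-unauthenticated`, so neither the transport nor APT's signature check protects the `zulu-6` package from being altered between the vendor and the build host. With the key itself arriving unauthenticated, adding it to the keyring gives no assurance about who signed the packages. I would fetch the key over HTTPS if the vendor serves it there, verify it against a fingerprint pinned in the Dockerfile (`<EXPECTED_FINGERPRINT>`, placeholder), and drop `--allow-unauthenticated` so a bad signature fails the build. The jdk7 Dockerfile has the same lines with `zulu-7`.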
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
all: app | ||
|
||
app: | ||
make build | ||
make deploy | ||
make clean | ||
|
||
build: | ||
docker-compose build --compress --parallel | ||
|
||
deploy: | ||
docker-compose push | ||
|
||
clean: | ||
docker container prune -f | ||
docker image prune -f | ||
docker network prune -f | ||
docker volume prune -f | ||
docker system prune -af |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
version: '3.9' | ||
services: | ||
app: | ||
image: "epicmorg/devel:jdk6" | ||
build: | ||
context: . |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
FROM epicmorg/devel | ||
LABEL maintainer="EpicMorg DevTeam, [email protected]" | ||
ARG DEBIAN_FRONTEND=noninteractive | ||
|
||
################################################################## | ||
# installing java7 | ||
################################################################## | ||
RUN wget -qO - http://repos.azulsystems.com/RPM-GPG-KEY-azulsystems | apt-key add - && \ | ||
echo 'deb http://repos.azulsystems.com/debian stable main' > /etc/apt/sources.list.d/zulu.list && \ | ||
apt-get update -y && \ | ||
apt-get install -y --allow-unauthenticated zulu-7 && \ | ||
java -version | ||
|
||
################################################################## | ||
# cleaninig up | ||
################################################################## | ||
RUN apt clean -y && \ | ||
apt autoclean -y && \ | ||
rm -rfv /var/lib/apt/lists/* && \ | ||
rm -rfv /var/cache/apt/archives/*.deb |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
all: app | ||
|
||
app: | ||
make build | ||
make deploy | ||
make clean | ||
|
||
build: | ||
docker-compose build --compress --parallel | ||
|
||
deploy: | ||
docker-compose push | ||
|
||
clean: | ||
docker container prune -f | ||
docker image prune -f | ||
docker network prune -f | ||
docker volume prune -f | ||
docker system prune -af |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
version: '3.9' | ||
services: | ||
app: | ||
image: "epicmorg/devel:jdk7" | ||
build: | ||
context: . |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
FROM epicmorg/devel | ||
LABEL maintainer="EpicMorg DevTeam, [email protected]" | ||
ARG DEBIAN_FRONTEND=noninteractive | ||
|
||
################################################################## | ||
# installing java8 | ||
################################################################## | ||
RUN wget -qO - https://adoptopenjdk.jfrog.io/adoptopenjdk/api/gpg/key/public | apt-key add - && \ | ||
echo 'deb https://adoptopenjdk.jfrog.io/adoptopenjdk/deb/ buster main' > /etc/apt/sources.list.d/adoptopenjdk-official.list && \ | ||
apt-get update && \ | ||
apt-get autoremove -y && \ | ||
apt-get install -y --allow-unauthenticated adoptopenjdk-8-hotspot | ||
|
||
|
||
################################################################## | ||
# cleaninig up | ||
################################################################## | ||
RUN apt clean -y && \ | ||
apt autoclean -y && \ | ||
rm -rfv /var/lib/apt/lists/* && \ | ||
rm -rfv /var/cache/apt/archives/*.deb |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
all: app | ||
|
||
app: | ||
make build | ||
make deploy | ||
make clean | ||
|
||
build: | ||
docker-compose build --compress --parallel | ||
|
||
deploy: | ||
docker-compose push | ||
|
||
clean: | ||
docker container prune -f | ||
docker image prune -f | ||
docker network prune -f | ||
docker volume prune -f | ||
docker system prune -af |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
version: '3.9' | ||
services: | ||
app: | ||
image: "epicmorg/devel:jdk8" | ||
build: | ||
context: . |