diff options
-rw-r--r-- | .SRCINFO | 8 | ||||
-rw-r--r-- | PKGBUILD | 6 | ||||
-rw-r--r-- | grav.patch | 6 |
3 files changed, 10 insertions, 10 deletions
@@ -1,6 +1,6 @@ pkgbase = grav pkgdesc = Modern, Crazy Fast, Ridiculously Easy and Amazingly Powerful Flat-File CMS - pkgver = 1.7.43 + pkgver = 1.7.44 pkgrel = 1 url = https://getgrav.org install = grav.install @@ -16,7 +16,7 @@ pkgbase = grav provides = grav backup = etc/webapps/grav/config/site.yaml backup = etc/webapps/grav/config/system.yaml - source = grav-1.7.43.zip::https://github.com/getgrav/grav/releases/download/1.7.43/grav-v1.7.43.zip + source = grav-1.7.44.zip::https://github.com/getgrav/grav/releases/download/1.7.44/grav-v1.7.44.zip source = grav.patch source = grav.user.readme source = grav.sysusers.conf @@ -25,8 +25,8 @@ pkgbase = grav source = grav.php-fpm.ini source = grav.php-fpm.d.grav.conf source = grav.php-fpm.service.d.override.conf - sha256sums = 4067adeeadb2dc6bbb038e440e9fe25eeeea4a5ddfd08bda92cd8eb09c7b270f - sha256sums = 773b4015af1eca07e154f8d555e08e021f7d8b6c19ea5d8905ec472e8e18d2bf + sha256sums = b8dba5e64fed3a43267f9d3fc383daa32fad6324ef5f3a73dd2ec98df8fed97a + sha256sums = 80d8a9e6788fc7efca9ce78f96902d37a3e3c3df363224480db6901bd7d7fcb3 sha256sums = 125e08820ed477582d7ae716dac6495bca4eac485fa4d4263b11f2505fc355db sha256sums = ced168231a98be4816afc0a1928b54218c4ce4081be7b49acd704e2a9325f9db sha256sums = ca7197a1e73fec939ea25ee8f3cc05db2117463aa9db8b2911f889e647974228 @@ -3,7 +3,7 @@ # Contributor: Nils Czernia <nils at czserver dot de> pkgname=grav -pkgver=1.7.43 +pkgver=1.7.44 pkgrel=1 pkgdesc='Modern, Crazy Fast, Ridiculously Easy and Amazingly Powerful Flat-File CMS' arch=('any') @@ -28,8 +28,8 @@ source=("${pkgname}-${pkgver}.zip::https://github.com/getgrav/grav/releases/down "grav.php-fpm.ini" "grav.php-fpm.d.grav.conf" "grav.php-fpm.service.d.override.conf") -sha256sums=('4067adeeadb2dc6bbb038e440e9fe25eeeea4a5ddfd08bda92cd8eb09c7b270f' - '773b4015af1eca07e154f8d555e08e021f7d8b6c19ea5d8905ec472e8e18d2bf' +sha256sums=('b8dba5e64fed3a43267f9d3fc383daa32fad6324ef5f3a73dd2ec98df8fed97a' + '80d8a9e6788fc7efca9ce78f96902d37a3e3c3df363224480db6901bd7d7fcb3' '125e08820ed477582d7ae716dac6495bca4eac485fa4d4263b11f2505fc355db' 'ced168231a98be4816afc0a1928b54218c4ce4081be7b49acd704e2a9325f9db' 'ca7197a1e73fec939ea25ee8f3cc05db2117463aa9db8b2911f889e647974228' diff --git a/grav.patch b/grav.patch index 81830c4b783b..6aed11cd1d32 100644 --- a/grav.patch +++ b/grav.patch @@ -26,8 +26,8 @@ if (!class_exists(ZipArchive::class)) { $io->title('GPM Self Upgrade'); $io->error('php-zip extension needs to be enabled!'); ---- a/webserver-configs/nginx.conf 2022-01-04 19:02:30.000000000 +0100 -+++ b/webserver-configs/nginx.conf 2022-01-04 22:30:17.079302244 +0100 +--- a/webserver-configs/nginx.conf 2024-01-05 13:46:02.000000000 +0100 ++++ b/webserver-configs/nginx.conf 2024-01-06 21:27:25.574913828 +0100 @@ -1,10 +1,61 @@ server { - #listen 80; @@ -108,7 +108,7 @@ location ~* /(\.git|cache|bin|logs|backup|tests)/.*$ { return 403; } # deny running scripts inside core system folders @@ -25,20 +83,32 @@ - location ~* /user/.*\.(txt|md|json|yaml|yml|php|pl|py|cgi|twig|sh|bat)$ { return 403; } + location ~* /user/.*\.(txt|md|json|yaml|yml|php|php2|php3|php4|php5|phar|phtml|pl|py|cgi|twig|sh|bat)$ { return 403; } # deny access to specific files in the root folder location ~ /(LICENSE\.txt|composer\.lock|composer\.json|nginx\.conf|web\.config|htaccess\.txt|\.htaccess) { return 403; } + # deny all files and folder beginning with a dot (hidden files & folders) |