ONLYOFFICE/Docker-CommunityServer
1
0
Fork 0
mirror of https://github.com/ONLYOFFICE/Docker-CommunityServer.git synced 2025-04-18 15:24:01 +03:00
Code

Fix log4j vulnerability in ami

Browse Source
This commit is contained in:
Alexey Golubev 2022-02-08 16:00:59 +03:00
parent c5116afebd
commit 035a7ed28c
2 changed files with 20 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
Dockerfile
View File

@ -7,6 +7,15 @@ ARG SOURCE_REPO_URL="deb http://static.teamlab.com.s3.amazonaws.com/repo/debian
ARG DEBIAN_FRONTEND=noninteractive
ARG PACKAGE_SYSNAME="onlyoffice"
ARG LOG4J_VER=2.17.1
ARG LOG4J_BIN=apache-log4j-${LOG4J_VER}-bin
ARG LOG4J_ARCH=${LOG4J_BIN}.tar.gz
ARG LOG4J_DIR=./log4j
ARG ELK_DIR=/usr/share/elasticsearch
ARG ELK_LIB_DIR=${ELK_DIR}/lib
ARG ELK_MODULE_DIR=${ELK_DIR}/modules
LABEL ${PACKAGE_SYSNAME}.community.release-date="${RELEASE_DATE}" \
${PACKAGE_SYSNAME}.community.version="${VERSION}" \
description="Community Server is a free open-source collaborative system developed to manage documents, projects, customer relationship and emails, all in one place." \
@ -84,6 +93,17 @@ RUN apt-get -y update && \
mono-webserver-hyperfastcgi=0.4-7 \
${PACKAGE_SYSNAME}-communityserver \
${PACKAGE_SYSNAME}-xmppserver && \
rm -v ${ELK_LIB_DIR}/log4j-*.jar ${ELK_MODULE_DIR}/*/log4j-*.jar && \
wget https://dlcdn.apache.org/logging/log4j/${LOG4J_VER}/${LOG4J_ARCH}&& \
mkdir ${LOG4J_DIR} && \
tar -xf ${LOG4J_ARCH} -C ${LOG4J_DIR} && \
cp -v ${LOG4J_DIR}/${LOG4J_BIN}/log4j-api-${LOG4J_VER}.jar ${ELK_LIB_DIR} && \
cp -v ${LOG4J_DIR}/${LOG4J_BIN}/log4j-core-${LOG4J_VER}.jar ${ELK_LIB_DIR} && \
cp -v ${LOG4J_DIR}/${LOG4J_BIN}/log4j-1.2-api-${LOG4J_VER}.jar ${ELK_MODULE_DIR}/x-pack-core && \
cp -v ${LOG4J_DIR}/${LOG4J_BIN}/log4j-slf4j-impl-${LOG4J_VER}.jar ${ELK_MODULE_DIR}/x-pack-identity-provider && \
cp -v ${LOG4J_DIR}/${LOG4J_BIN}/log4j-slf4j-impl-${LOG4J_VER}.jar ${ELK_MODULE_DIR}/x-pack-security && \
rm -vr ${LOG4J_ARCH} ${LOG4J_DIR} && \
zip -q -d ${ELK_LIB_DIR}/log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class && \
apt-get clean && \
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*

20
Dockerfile.ami
View File

@ -2,26 +2,6 @@ FROM onlyoffice/communityserver:latest AS communityserver-ami
ARG APPSETTING_CONFIG=/var/www/onlyoffice/WebStudio/web.appsettings.config
ARG RESOURCE_SQL=/var/www/onlyoffice/Sql/onlyoffice.resources.sql
ARG LOG4J_VER=2.17.1
ARG LOG4J_BIN=apache-log4j-${LOG4J_VER}-bin
ARG LOG4J_ARCH=${LOG4J_BIN}.tar.gz
ARG LOG4J_DIR=./log4j
ARG ELK_DIR=/usr/share/elasticsearch
ARG ELK_LIB_DIR=${ELK_DIR}/lib
ARG ELK_MODULE_DIR=${ELK_DIR}/modules
RUN rm -v ${ELK_LIB_DIR}/log4j-*.jar ${ELK_MODULE_DIR}/*/log4j-*.jar && \
wget https://dlcdn.apache.org/logging/log4j/${LOG4J_VER}/${LOG4J_ARCH}&& \
mkdir ${LOG4J_DIR} && \
tar -xf ${LOG4J_ARCH} -C ${LOG4J_DIR} && \
cp -v ${LOG4J_DIR}/${LOG4J_BIN}/log4j-api-${LOG4J_VER}.jar ${ELK_LIB_DIR} && \
cp -v ${LOG4J_DIR}/${LOG4J_BIN}/log4j-core-${LOG4J_VER}.jar ${ELK_LIB_DIR} && \
cp -v ${LOG4J_DIR}/${LOG4J_BIN}/log4j-1.2-api-${LOG4J_VER}.jar ${ELK_MODULE_DIR}/x-pack-core && \
cp -v ${LOG4J_DIR}/${LOG4J_BIN}/log4j-slf4j-impl-${LOG4J_VER}.jar ${ELK_MODULE_DIR}/x-pack-identity-provider && \
cp -v ${LOG4J_DIR}/${LOG4J_BIN}/log4j-slf4j-impl-${LOG4J_VER}.jar ${ELK_MODULE_DIR}/x-pack-security && \
rm -vr ${LOG4J_ARCH} ${LOG4J_DIR}
RUN apt-get -y update && \
apt-get install -yq xmlstarlet