jenkins-bot has submitted this change and it was merged.
Change subject: Avoid exposure of local path in PNG thumbnails
......................................................................
Avoid exposure of local path in PNG thumbnails
Bug: T108616
Change-Id: I952068d2d175d71f86dec0dbb92af5a122c05a49
---
M includes/media/Bitmap.php
1 file changed, 2 insertions(+), 0 deletions(-)
Approvals:
Chad: Looks good to me, approved
jenkins-bot: Verified
diff --git a/includes/media/Bitmap.php b/includes/media/Bitmap.php
index e81b37d..27098a5 100644
--- a/includes/media/Bitmap.php
+++ b/includes/media/Bitmap.php
@@ -162,6 +162,8 @@
( $params['comment'] !== ''
? array( '-set', 'comment',
$this->escapeMagickProperty( $params['comment'] ) )
: array() ),
+ // T108616: Avoid exposure of local file path
+ array( '+set', 'Thumb::URI'),
array( '-depth', 8 ),
$sharpen,
array( '-rotate', "-$rotation" ),
--
To view, visit https://gerrit.wikimedia.org/r/246876
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I952068d2d175d71f86dec0dbb92af5a122c05a49
Gerrit-PatchSet: 3
Gerrit-Project: mediawiki/core
Gerrit-Branch: REL1_24
Gerrit-Owner: Chad <[email protected]>
Gerrit-Reviewer: Aaron Schulz <[email protected]>
Gerrit-Reviewer: Chad <[email protected]>
Gerrit-Reviewer: Dpatrick <[email protected]>
Gerrit-Reviewer: jenkins-bot <>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
