Windows Linux/Shell Nginx UNIX
MySQL Ms SQL Server MS Access MS DOS命令 Oracle SQLite MongoDB Redis SSDB Memcached Cassandra Hibernate MariaDB MyBatis Slick Spark Kubernetes neo4j TiDB PostgreSQL InfluxDB Istio IoTDB
用户登录
用户注册

分享至

Imagemagick升级脚本-OneinStack

  • 作者: 潘邓LV小闲
  • 来源: 51数据库
  • 2020-08-22

5月3日,图像处理软件ImageMagick就被公布出一个严重的0day漏洞(CVE-2016-3714),攻击者通过此漏洞可执行任意命令,最终窃取重要信息取得服务器控制权。

详细信息参考:https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588

该漏洞在6.9.3-10、7.0.1-1及以上版本得到修复,下面来看看OneinStack或《lnmp一键安装包》(最新下载OneinStack默认已经升级,无此漏洞)之前版本怎么来通过升级修复这个漏洞,如下(2016-05-31更新至6.9.4-5):

 
  1. cd /root/oneinstack   #进入oneinstack工具目录
  2. #cd /root/lnmp  #如果安装使用的是lnmp
  3. tmux   #进入tmux模式下,防止断网导致升级中断
  4. wget http://mirrors.linuxeye.com/scripts/update_ImageMagick.sh  #下载升级脚本
  5. chmod +x update_ImageMagick.sh   #赋权权限
  6. ./update_ImageMagick.sh   #升级,注:请勿sh或bash update_ImageMagick.sh方式执行脚本

如下图表示升级成功:

脚本内容如下(update_ImageMagick.sh):

 
  1. #!/bin/bash
  2. # Author:  yeho <lj2007331 AT gmail.com>
  3. # BLOG:  https://blog.linuxeye.com
  4. #
  5. # Notes: OneinStack for CentOS/RadHat 5+ Debian 6+ and Ubuntu 12+
  6. #
  7. # Project home page:
  8. #       http://oneinstack.com
  9. #       https://github.com/lj2007331/oneinstack
  10.  
  11. export PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
  12. clear
  13. printf "
  14. #######################################################################
  15. #       OneinStack for CentOS/RadHat 5+ Debian 6+ and Ubuntu 12+      #
  16. #                  upgrade ImageMagick for OneinStack                 #
  17. #       For more information please visit http://oneinstack.com       #
  18. #######################################################################
  19. "
  20.  
  21. . ./options.conf
  22. . ./include/color.sh
  23. . ./include/download.sh
  24.  
  25. ImageMagick_version=6.9.4-1
  26. imagick_version=3.4.1
  27.  
  28. if [ -e "/usr/local/imagemagick/bin/convert" ];then
  29.     OLD_ImageMagick_version=`/usr/local/imagemagick/bin/Magick-config --version | awk '{print $1}'`
  30. else
  31.     echo "${CWARNING}You do not have to install Imagemagick! ${CEND}"
  32.     exit 1
  33. fi
  34.  
  35. Stop_ImageMagick() {
  36. if [ -e "$php_install_dir/etc/php.d/ext-imagick.ini" ];then
  37.     /bin/mv $php_install_dir/etc/php.d/ext-imagick.ini{,_bk}
  38. elif [ ! -e "$php_install_dir/etc/php.d/ext-imagick.ini" -a -n "`grep imagick.so $php_install_dir/etc/php.ini`" ];then
  39.     sed -i 's@extension.*imagick.so.*@;&@' $php_install_dir/etc/php.ini
  40. fi
  41. [ -e "$apache_install_dir/conf/httpd.conf" ] && service httpd restart || service php-fpm restart
  42. /bin/mv /usr/local/imagemagick{,_`date +"%Y%m%d_%H%M%S"`}
  43. }
  44.  
  45. Start_ImageMagick() {
  46. if [ -e "$php_install_dir/etc/php.d/ext-imagick.ini_bk" ];then
  47.     /bin/mv $php_install_dir/etc/php.d/ext-imagick.ini{_bk,}
  48. elif [ ! -e "$php_install_dir/etc/php.d/ext-imagick.ini" -a -n "`grep imagick.so $php_install_dir/etc/php.ini`" ];then
  49.     sed -i 's@;extension.*imagick.so.*@extension=imagick.so@' /usr/local/php/etc/php.ini
  50. fi
  51. [ -e "$apache_install_dir/conf/httpd.conf" ] && service httpd restart || service php-fpm restart
  52. }
  53.  
  54. Check_ImageMagick() {
  55. if [ -n "`/usr/local/imagemagick/bin/convert -version | grep "$ImageMagick_version"`" ];then
  56.     echo "You have ${CMSG}successfully${CEND} upgrade from ${CWARNING}$OLD_ImageMagick_version${CEND} to ${CWARNING}$ImageMagick_version${CEND}"
  57. else
  58.     echo "${CWARNING}Imagemagick upgrade failed! ${CEND}"
  59. fi
  60. }
  61.  
  62. Install_ImageMagick() {
  63. cd $oneinstack_dir/src
  64. src_url=http://mirrors.linuxeye.com/oneinstack/src/ImageMagick-$ImageMagick_version.tar.gz && Download_src
  65.  
  66. tar xzf ImageMagick-$ImageMagick_version.tar.gz
  67. cd ImageMagick-$ImageMagick_version
  68. ./configure --prefix=/usr/local/imagemagick --enable-shared --enable-static
  69. make && make install
  70. cd ..
  71. rm -rf ImageMagick-$ImageMagick_version
  72. cd ..
  73. }
  74.  
  75. Install_php-imagick() {
  76. cd $oneinstack_dir/src
  77. if [ -e "$php_install_dir/bin/phpize" ];then
  78.     if [ "`$php_install_dir/bin/php -r 'echo PHP_VERSION;' | awk -F. '{print $1"."$2}'`" == '5.3' ];then
  79.         src_url=http://mirrors.linuxeye.com/oneinstack/src/imagick-3.3.0.tgz && Download_src
  80.         tar xzf imagick-3.3.0.tgz
  81.         cd imagick-3.3.0
  82.     else
  83.         src_url=http://mirrors.linuxeye.com/oneinstack/src/imagick-$imagick_version.tgz && Download_src
  84.         tar xzf imagick-$imagick_version.tgz
  85.         cd imagick-$imagick_version
  86.     fi
  87.     make clean
  88.     export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig
  89.     $php_install_dir/bin/phpize
  90.     ./configure --with-php-config=$php_install_dir/bin/php-config --with-imagick=/usr/local/imagemagick
  91.     make && make install
  92.     cd ..
  93.     rm -rf imagick-$imagick_version
  94. fi
  95. cd ..
  96. }
  97.  
  98. Stop_ImageMagick
  99. Install_ImageMagick
  100. Install_php-imagick
  101. Start_ImageMagick
  102. Check_ImageMagick


推荐阅读
热点文章

Copyright 2018 51数据库(www.51sjk.com)

软件
前端设计
程序设计
Java相关