From e176562f9a23f0065e1e5c27bde425c08472d648 Mon Sep 17 00:00:00 2001 From: Bitnami Bot Date: Fri, 8 Aug 2025 00:11:19 +0200 Subject: [PATCH] [bitnami/wordpress-nginx] Release 6.8.2-debian-12-r2 (#84998) Signed-off-by: Bitnami Bot --- bitnami/wordpress-nginx/6/debian-12/Dockerfile | 6 +++--- .../opt/bitnami/.bitnami_components.json | 4 ++-- .../rootfs/opt/bitnami/nginx/conf/nginx.conf | 4 ++++ .../opt/bitnami/scripts/nginx/postunpack.sh | 15 +++++++++++++++ 4 files changed, 24 insertions(+), 5 deletions(-) diff --git a/bitnami/wordpress-nginx/6/debian-12/Dockerfile b/bitnami/wordpress-nginx/6/debian-12/Dockerfile index 6db2467b5d5a..c18a1065fe69 100644 --- a/bitnami/wordpress-nginx/6/debian-12/Dockerfile +++ b/bitnami/wordpress-nginx/6/debian-12/Dockerfile @@ -8,7 +8,7 @@ ARG TARGETARCH LABEL com.vmware.cp.artifact.flavor="sha256:c50c90cfd9d12b445b011e6ad529f1ad3daea45c26d20b00732fae3cd71f6a83" \ org.opencontainers.image.base.name="docker.io/bitnami/minideb:bookworm" \ - org.opencontainers.image.created="2025-07-17T07:12:08Z" \ + org.opencontainers.image.created="2025-08-07T21:33:00Z" \ org.opencontainers.image.description="Application packaged by Broadcom, Inc." \ org.opencontainers.image.documentation="https://github.com/bitnami/containers/tree/main/bitnami/wordpress-nginx/README.md" \ org.opencontainers.image.source="https://github.com/bitnami/containers/tree/main/bitnami/wordpress-nginx" \ @@ -29,8 +29,8 @@ RUN --mount=type=secret,id=downloads_url,env=SECRET_DOWNLOADS_URL \ DOWNLOADS_URL=${SECRET_DOWNLOADS_URL:-${DOWNLOADS_URL}} ; \ mkdir -p /tmp/bitnami/pkg/cache/ ; cd /tmp/bitnami/pkg/cache/ || exit 1 ; \ COMPONENTS=( \ - "render-template-1.0.8-1-linux-${OS_ARCH}-debian-12" \ - "php-8.2.29-2-linux-${OS_ARCH}-debian-12" \ + "render-template-1.0.8-2-linux-${OS_ARCH}-debian-12" \ + "php-8.2.29-4-linux-${OS_ARCH}-debian-12" \ "nginx-1.29.0-0-linux-${OS_ARCH}-debian-12" \ "mysql-client-11.8.2-0-linux-${OS_ARCH}-debian-12" \ "wordpress-nginx-6.8.2-0-linux-${OS_ARCH}-debian-12" \ diff --git a/bitnami/wordpress-nginx/6/debian-12/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/wordpress-nginx/6/debian-12/prebuildfs/opt/bitnami/.bitnami_components.json index 3a7b2b0bce22..320150465fe1 100644 --- a/bitnami/wordpress-nginx/6/debian-12/prebuildfs/opt/bitnami/.bitnami_components.json +++ b/bitnami/wordpress-nginx/6/debian-12/prebuildfs/opt/bitnami/.bitnami_components.json @@ -15,13 +15,13 @@ "arch": "amd64", "distro": "debian-12", "type": "NAMI", - "version": "8.2.29-2" + "version": "8.2.29-4" }, "render-template": { "arch": "amd64", "distro": "debian-12", "type": "NAMI", - "version": "1.0.8-1" + "version": "1.0.8-2" }, "wordpress-nginx": { "arch": "amd64", diff --git a/bitnami/wordpress-nginx/6/debian-12/rootfs/opt/bitnami/nginx/conf/nginx.conf b/bitnami/wordpress-nginx/6/debian-12/rootfs/opt/bitnami/nginx/conf/nginx.conf index 9833b1cfd043..02675408fea8 100644 --- a/bitnami/wordpress-nginx/6/debian-12/rootfs/opt/bitnami/nginx/conf/nginx.conf +++ b/bitnami/wordpress-nginx/6/debian-12/rootfs/opt/bitnami/nginx/conf/nginx.conf @@ -5,8 +5,11 @@ worker_processes auto; error_log "/opt/bitnami/nginx/logs/error.log"; pid "/opt/bitnami/nginx/tmp/nginx.pid"; +include "/opt/bitnami/nginx/conf/context.d/main/*.conf"; + events { worker_connections 1024; + include "/opt/bitnami/nginx/conf/context.d/events/*.conf"; } http { @@ -42,6 +45,7 @@ http { port_in_redirect off; include "/opt/bitnami/nginx/conf/server_blocks/*.conf"; + include "/opt/bitnami/nginx/conf/context.d/http/*.conf"; # HTTP Server server { diff --git a/bitnami/wordpress-nginx/6/debian-12/rootfs/opt/bitnami/scripts/nginx/postunpack.sh b/bitnami/wordpress-nginx/6/debian-12/rootfs/opt/bitnami/scripts/nginx/postunpack.sh index 26b18da3c3b6..81ee60d06442 100755 --- a/bitnami/wordpress-nginx/6/debian-12/rootfs/opt/bitnami/scripts/nginx/postunpack.sh +++ b/bitnami/wordpress-nginx/6/debian-12/rootfs/opt/bitnami/scripts/nginx/postunpack.sh @@ -37,6 +37,13 @@ nginx_patch_httpoxy_vulnerability() { # Remove unnecessary directories that come with the tarball rm -rf "${BITNAMI_ROOT_DIR}/certs" "${BITNAMI_ROOT_DIR}/server_blocks" +# Context include directories +NGINX_CONTEXT_INCLUDES=( + "main" + "events" + "http" +) + # Ensure non-root user has write permissions on a set of directories chmod g+w "$NGINX_BASE_DIR" for dir in "$NGINX_VOLUME_DIR" "$NGINX_CONF_DIR" "$NGINX_INITSCRIPTS_DIR" "$NGINX_SERVER_BLOCKS_DIR" "$NGINX_STREAM_SERVER_BLOCKS_DIR" "${NGINX_CONF_DIR}/bitnami" "${NGINX_CONF_DIR}/bitnami/certs" "$NGINX_LOGS_DIR" "$NGINX_TMP_DIR" "$NGINX_DEFAULT_CONF_DIR"; do @@ -44,6 +51,14 @@ for dir in "$NGINX_VOLUME_DIR" "$NGINX_CONF_DIR" "$NGINX_INITSCRIPTS_DIR" "$NGIN chmod -R g+rwX "$dir" done +# Create context.d directory and context include directories +ensure_dir_exists "${NGINX_CONF_DIR}/context.d" +chmod -R g+rwX "${NGINX_CONF_DIR}/context.d" +for context in "${NGINX_CONTEXT_INCLUDES[@]}"; do + ensure_dir_exists "${NGINX_CONF_DIR}/context.d/${context}" + chmod -R g+rwX "${NGINX_CONF_DIR}/context.d/${context}" +done + # Unset HTTP_PROXY header to protect vs HTTPPOXY vulnerability nginx_patch_httpoxy_vulnerability