WordPress Really Simple Security Plugin Authentication Bypass to RCE (CVE-2024-10924) #16695
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Verify | |
# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions | |
permissions: | |
actions: none | |
checks: none | |
contents: none | |
deployments: none | |
id-token: none | |
issues: none | |
discussions: none | |
packages: none | |
pages: none | |
pull-requests: none | |
repository-projects: none | |
security-events: none | |
statuses: none | |
on: | |
push: | |
branches-ignore: | |
- gh-pages | |
- metakitty | |
- weekly-dependency-updates | |
pull_request: | |
branches-ignore: | |
- weekly-dependency-updates | |
jobs: | |
build: | |
runs-on: ubuntu-latest | |
timeout-minutes: 60 | |
name: Docker Build | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: docker-compose build | |
run: | | |
docker compose build | |
test: | |
runs-on: ${{ matrix.os }} | |
timeout-minutes: 60 | |
services: | |
postgres: | |
image: postgres:9.6 | |
ports: ["5432:5432"] | |
env: | |
POSTGRES_USER: postgres | |
POSTGRES_PASSWORD: postgres | |
options: >- | |
--health-cmd "pg_isready --username postgres" | |
--health-interval 10s | |
--health-timeout 5s | |
--health-retries 5 | |
strategy: | |
fail-fast: true | |
matrix: | |
ruby: | |
- '3.1' | |
- '3.2' | |
- '3.3' | |
- '3.4.0-preview2' | |
os: | |
- ubuntu-20.04 | |
- ubuntu-latest | |
include: | |
- os: ubuntu-latest | |
ruby: '3.1' | |
test_cmd: 'bundle exec rake rspec-rerun:spec SPEC_OPTS="--tag content" MSF_FEATURE_DEFER_MODULE_LOADS=1' | |
test_cmd: | |
- bundle exec rake rspec-rerun:spec SPEC_OPTS="--tag content" | |
- bundle exec rake rspec-rerun:spec SPEC_OPTS="--tag ~content" | |
# Used for testing the remote data service | |
- bundle exec rake rspec-rerun:spec SPEC_OPTS="--tag content" REMOTE_DB=1 | |
- bundle exec rake rspec-rerun:spec SPEC_OPTS="--tag ~content" REMOTE_DB=1 | |
env: | |
RAILS_ENV: test | |
BUNDLE_WITHOUT: "coverage development pcap" | |
name: ${{ matrix.os }} - Ruby ${{ matrix.ruby }} - ${{ matrix.test_cmd }} | |
steps: | |
- name: Install system dependencies | |
run: sudo apt-get install -y --no-install-recommends libpcap-dev graphviz | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Setup Ruby | |
env: | |
# Nokogiri doesn't release pre-compiled binaries for preview versions of Ruby; So force compilation with BUNDLE_FORCE_RUBY_PLATFORM | |
BUNDLE_FORCE_RUBY_PLATFORM: "${{ contains(matrix.ruby, 'preview') && 'true' || 'false' }}" | |
uses: ruby/setup-ruby@v1 | |
with: | |
ruby-version: '${{ matrix.ruby }}' | |
bundler-cache: true | |
- name: Create database | |
run: | | |
cp config/database.yml.github_actions config/database.yml | |
bundle exec rake --version | |
bundle exec rake db:create | |
bundle exec rake db:migrate | |
# fail build if db/schema.rb update is not committed | |
git diff --exit-code db/schema.rb | |
- name: ${{ matrix.test_cmd }} | |
run: | | |
echo "${CMD}" | |
bash -c "${CMD}" | |
env: | |
CMD: ${{ matrix.test_cmd }} |