linux(centos)Imagemagick升級指令碼

5月3日，影像處理軟體ImageMagick就被公布出一個嚴重的0day漏洞(CVE-2016-3714)，攻擊者通過此漏洞可執行任意命令，最終竊取重要訊息取得伺服器控制權。

詳細資料參考：https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588
該漏洞在6.9.3-10、7.0.1-1及以上版本得到修複，下面來看看OneinStack或《lnmp一鍵安裝包》（最新下載OneinStack預設已經升級，無此漏洞）之前版本怎麼來通過升級修複這個漏洞，如下（2016-05-31更新至6.9.4-5）：

cd /root/oneinstack   #進入oneinstack工具目錄

#cd /root/lnmp  #如果安裝使用的是lnmp

tmux   #進入tmux模式下，防止斷網導致升級中斷

wget http://mirrors.linuxeye.com/scripts/update_ImageMagick.sh  #下載升級指令碼

chmod +x update_ImageMagick.sh   #賦權許可權

./update_ImageMagick.sh   #升級，註：請勿sh或bash update_ImageMagick.sh方式執行指令碼
如下圖表示升級成功：

指令碼內容如下（update_ImageMagick.sh）：

代碼如下

複製代碼

#!/bin/bash # Author:  yeho <lj2007331 AT gmail.com> # # Notes: OneinStack for CentOS/RadHat 5+ Debian 6+ and Ubuntu 12+ # # Project home page: #       http://oneinstack.com #       https://github.com/lj2007331/oneinstack export PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin clear printf " ####################################################################### #       OneinStack for CentOS/RadHat 5+ Debian 6+ and Ubuntu 12+      # #                  upgrade ImageMagick for OneinStack                 # #       For more information please visit http://oneinstack.com       # ####################################################################### " . ./options.conf . ./include/color.sh . ./include/download.sh ImageMagick_version=6.9.4-1 imagick_version=3.4.1 if [ -e "/usr/local/imagemagick/bin/convert" ];then     OLD_ImageMagick_version=`/usr/local/imagemagick/bin/Magick-config --version | awk '{print $1}'` else     echo "${CWARNING}You do not have to install Imagemagick! ${CEND}"     exit 1 fi Stop_ImageMagick() { if [ -e "$php_install_dir/etc/php.d/ext-imagick.ini" ];then     /bin/mv $php_install_dir/etc/php.d/ext-imagick.ini{,_bk} elif [ ! -e "$php_install_dir/etc/php.d/ext-imagick.ini" -a -n "`grep imagick.so $php_install_dir/etc/php.ini`" ];then     sed -i 's@extension.*imagick.so.*@;&@' $php_install_dir/etc/php.ini fi [ -e "$apache_install_dir/conf/httpd.conf" ] && service httpd restart || service php-fpm restart /bin/mv /usr/local/imagemagick{,_`date +"%Y%m%d_%H%M%S"`} } Start_ImageMagick() { if [ -e "$php_install_dir/etc/php.d/ext-imagick.ini_bk" ];then     /bin/mv $php_install_dir/etc/php.d/ext-imagick.ini{_bk,} elif [ ! -e "$php_install_dir/etc/php.d/ext-imagick.ini" -a -n "`grep imagick.so $php_install_dir/etc/php.ini`" ];then     sed -i 's@;extension.*imagick.so.*@extension=imagick.so@' /usr/local/php/etc/php.ini fi [ -e "$apache_install_dir/conf/httpd.conf" ] && service httpd restart || service php-fpm restart } Check_ImageMagick() { if [ -n "`/usr/local/imagemagick/bin/convert -version | grep "$ImageMagick_version"`" ];then     echo "You have ${CMSG}successfully${CEND} upgrade from ${CWARNING}$OLD_ImageMagick_version${CEND} to ${CWARNING}$ImageMagick_version${CEND}" else     echo "${CWARNING}Imagemagick upgrade failed! ${CEND}" fi } Install_ImageMagick() { cd $oneinstack_dir/src src_url=http://mirrors.linuxeye.com/oneinstack/src/ImageMagick-$ImageMagick_version.tar.gz && Download_src tar xzf ImageMagick-$ImageMagick_version.tar.gz cd ImageMagick-$ImageMagick_version ./configure --prefix=/usr/local/imagemagick --enable-shared --enable-static make && make install cd .. rm -rf ImageMagick-$ImageMagick_version cd .. } Install_php-imagick() { cd $oneinstack_dir/src if [ -e "$php_install_dir/bin/phpize" ];then     if [ "`$php_install_dir/bin/php -r 'echo PHP_VERSION;' | awk -F. '{print $1"."$2}'`" == '5.3' ];then         src_url=http://mirrors.linuxeye.com/oneinstack/src/imagick-3.3.0.tgz && Download_src         tar xzf imagick-3.3.0.tgz         cd imagick-3.3.0     else         src_url=http://mirrors.linuxeye.com/oneinstack/src/imagick-$imagick_version.tgz && Download_src         tar xzf imagick-$imagick_version.tgz         cd imagick-$imagick_version     fi     make clean     export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig     $php_install_dir/bin/phpize     ./configure --with-php-config=$php_install_dir/bin/php-config --with-imagick=/usr/local/imagemagick     make && make install     cd ..     rm -rf imagick-$imagick_version fi cd .. } Stop_ImageMagick Install_ImageMagick Install_php-imagick Start_ImageMagick Check_ImageMagick