Overview

File CVE-2017-11481.patch of Package kibana

commit dd420cf6ade79fbc567732813f32ab744440cf52
Author: Chris Roberson <chrisronline@gmail.com>
Date:   Fri Dec 1 14:21:25 2017 -0500

    Port #15335 (#15348)
    
    (cherry picked from commit 362722a3878ca11b16436b91e6b856306e281182)
    
    This fixes CVE-2017-11481 / ESA-2017-22.

diff --git a/src/ui/public/Vis/AggConfigResult.js b/src/ui/public/Vis/AggConfigResult.js
index 4df97b55477c..082ed1e7c02e 100644
--- a/src/ui/public/Vis/AggConfigResult.js
+++ b/src/ui/public/Vis/AggConfigResult.js
@@ -1,3 +1,5 @@
+import chrome from 'ui/chrome';
+
 define(function () {
   let i = 0;
 
@@ -36,7 +38,12 @@ define(function () {
   };
 
   AggConfigResult.prototype.toString = function (contentType) {
-    return this.aggConfig.fieldFormatter(contentType)(this.value);
+    const parsedUrl = {
+      origin: window.location.origin,
+      pathname: window.location.pathname,
+      basePath: chrome.getBasePath(),
+    };
+    return this.aggConfig.fieldFormatter(contentType)(this.value, null, null, parsedUrl);
   };
 
   AggConfigResult.prototype.valueOf = function () {
openSUSE Build Service is sponsored by
Places