pmb.config.apk_tools_min_version: update
Require an apk-tools version that has the recent CVE fixed. Related: https://security.alpinelinux.org/vuln/CVE-2021-36159
This commit is contained in:
parent
ba07c4cf14
commit
d01027fe2c
|
@ -24,10 +24,10 @@ apk_keys_path = pmb_src + "/pmb/data/keys"
|
|||
# Update this frequently to prevent a MITM attack with an outdated version
|
||||
# (which may contain a vulnerable apk/openssl, and allows an attacker to
|
||||
# exploit the system!)
|
||||
apk_tools_min_version = {"edge": "2.12.5-r1",
|
||||
"v3.14": "2.12.5-r1",
|
||||
"v3.13": "2.12.5-r0",
|
||||
"v3.12": "2.10.6-r0"}
|
||||
apk_tools_min_version = {"edge": "2.12.7-r0",
|
||||
"v3.14": "2.12.7-r0",
|
||||
"v3.13": "2.12.7-r0",
|
||||
"v3.12": "2.10.8-r0"}
|
||||
|
||||
# postmarketOS aports compatibility (checked against "version" in pmaports.cfg)
|
||||
pmaports_min_version = "7"
|
||||
|
|
Loading…
Reference in New Issue