From d01027fe2c88f176f09549cb511f8f7a49d58c18 Mon Sep 17 00:00:00 2001
From: Oliver Smith <ollieparanoid@postmarketos.org>
Date: Sat, 7 Aug 2021 17:09:53 +0200
Subject: [PATCH] pmb.config.apk_tools_min_version: update

Require an apk-tools version that has the recent CVE fixed.

Related: https://security.alpinelinux.org/vuln/CVE-2021-36159
---
 pmb/config/__init__.py | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/pmb/config/__init__.py b/pmb/config/__init__.py
index 2695a006..5ef10f80 100644
--- a/pmb/config/__init__.py
+++ b/pmb/config/__init__.py
@@ -24,10 +24,10 @@ apk_keys_path = pmb_src + "/pmb/data/keys"
 # Update this frequently to prevent a MITM attack with an outdated version
 # (which may contain a vulnerable apk/openssl, and allows an attacker to
 # exploit the system!)
-apk_tools_min_version = {"edge": "2.12.5-r1",
-                         "v3.14": "2.12.5-r1",
-                         "v3.13": "2.12.5-r0",
-                         "v3.12": "2.10.6-r0"}
+apk_tools_min_version = {"edge": "2.12.7-r0",
+                         "v3.14": "2.12.7-r0",
+                         "v3.13": "2.12.7-r0",
+                         "v3.12": "2.10.8-r0"}
 
 # postmarketOS aports compatibility (checked against "version" in pmaports.cfg)
 pmaports_min_version = "7"