pmb.config.apk_tools_min_version: update
Require an apk-tools version that has the recent CVE fixed. Related: https://security.alpinelinux.org/vuln/CVE-2021-36159
This commit is contained in:
parent
ba07c4cf14
commit
d01027fe2c
|
@ -24,10 +24,10 @@ apk_keys_path = pmb_src + "/pmb/data/keys"
|
||||||
# Update this frequently to prevent a MITM attack with an outdated version
|
# Update this frequently to prevent a MITM attack with an outdated version
|
||||||
# (which may contain a vulnerable apk/openssl, and allows an attacker to
|
# (which may contain a vulnerable apk/openssl, and allows an attacker to
|
||||||
# exploit the system!)
|
# exploit the system!)
|
||||||
apk_tools_min_version = {"edge": "2.12.5-r1",
|
apk_tools_min_version = {"edge": "2.12.7-r0",
|
||||||
"v3.14": "2.12.5-r1",
|
"v3.14": "2.12.7-r0",
|
||||||
"v3.13": "2.12.5-r0",
|
"v3.13": "2.12.7-r0",
|
||||||
"v3.12": "2.10.6-r0"}
|
"v3.12": "2.10.8-r0"}
|
||||||
|
|
||||||
# postmarketOS aports compatibility (checked against "version" in pmaports.cfg)
|
# postmarketOS aports compatibility (checked against "version" in pmaports.cfg)
|
||||||
pmaports_min_version = "7"
|
pmaports_min_version = "7"
|
||||||
|
|
Loading…
Reference in New Issue