Administration/pmbootstrap-meow
2
0
Fork 0
forked from Mirror/pmbootstrap
Code Pull requests Activity Actions

Update min apk version/add more apk version checks

Browse source 
* Minimum version: 2.7.2 (which fixes two CVEs)
* Check the minimum apk version before doing something with apk and
  before entering the chroot manually (previously, it has just checked
  the apk-tools-static version, which gets used to set up the chroot)
* Reword the message for an outdated APK version. Most likely it is
  just the outdated http cache, instead of a man-in-the-middle attack.

See also:
b849b481a0
This commit is contained in:
Oliver Smith 2017-06-23 17:04:49 +02:00
parent f547ff5c6e
commit fb1e8ec73b
No known key found for this signature in database
GPG key ID: 5AE7F5513E0885CB
5 changed files with 39 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

2
pmb/parse/arguments.py
View file

@ -201,7 +201,7 @@ def arguments():
setattr(args, "arch_native", pmb.parse.arch.alpine_native())
# Add a caching dict
setattr(args, "cache", {"apkindex": {}})
setattr(args, "cache", {"apkindex": {}, "apk_min_version_checked": []})
# Add and verify the deviceinfo (only after initialization)
if args.action != "init":