mirror of
https://github.com/ben-grande/qusal.git
synced 2024-10-01 02:35:49 -04:00
feat: bump Pi-Hole version
Many of the Pi-Hole releases of this year were made due to security vulnerabilities. None of them are to concern to Qusal users. - GHSA-jg6g-rrj6-xfg6: Requires authenticated user; - GHSA-95g6-7q26-mp9x: Requires authenticated user; and - GHSA-3597-244c-wrpj: Requires shell in the same qube running Pi-Hole. The admin interface is only allowed through localhost, therefore only sys-pihole and sys-pihole-browser qubes have access to it, blocked by firewall (nftables) and HTTP server (lighttpd). Qubes with access to the admin interface are not of a concern, we assume that every qube that has access to the admin interface is trusted, therefore, only if a qube doesn't have access to the admin interface and can gain access, it becomes a concern, which hasn't happened.
This commit is contained in:
parent
bb722faba4
commit
ab044c15b1
@ -7,7 +7,7 @@ SPDX-License-Identifier: AGPL-3.0-or-later
|
|||||||
|
|
||||||
{% if grains['nodename'] != 'dom0' %}
|
{% if grains['nodename'] != 'dom0' %}
|
||||||
|
|
||||||
{% set pihole_tag = 'v5.18.2' -%}
|
{% set pihole_tag = 'v5.18.3' -%}
|
||||||
|
|
||||||
include:
|
include:
|
||||||
- utils.tools.common.update
|
- utils.tools.common.update
|
||||||
|
Loading…
Reference in New Issue
Block a user