Skip to content

Commit

Permalink
Merge pull request #18 from prydom/CVE-2024-3094
Browse files Browse the repository at this point in the history 
[CVE-2024-3094] base image has downgraded XZ
  • Loading branch information
@prydom
prydom authored Mar 30, 2024
2 parents f6edf4d + b60f8ba commit 12cba71
Show file tree
Hide file tree
Showing 2 changed files with 1 addition and 6 deletions.
5 changes: 0 additions & 5 deletions config/fedora-kinoite-laptop.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,11 +40,6 @@ modules:
- mv /opt /opt.orig
- ln -s /usr/lib/opt /opt

# WORKAROUND FORCE REPLACE XZ for CVE-2024-3094
- type: script
snippets:
- rpm-ostree override replace --experimental --from repo=koji xz xz-libs

# Virtualization
- type: rpm-ostree
install:
Expand Down
2 changes: 1 addition & 1 deletion config/files/etc/yum.repos.d/koji.repo
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
[koji]
name=Koji $basearch
baseurl=https://kojipkgs.fedoraproject.org/repos/rawhide/latest/$basearch/
enabled=1
enabled=0
gpgcheck=0
repo_gpgcheck=0
# DISABLE KOJI WHEN NOT BROKEN - xz compromised CVE-2024-3094
Expand Down

0 comments on commit 12cba71

Please sign in to comment.