mirror of
https://github.com/community-scripts/ProxmoxVE.git
synced 2026-06-09 09:05:15 +02:00
Security Fix
7d62e8319e
CRITICAL FIXES (CWE-494, CWE-300): - tools/pve/microcode.sh:79 (Intel microcode) - tools/pve/pbs-microcode.sh:93 (Intel microcode) CONTAINER-LEVEL FIXES: - install/deconz-install.sh: libssl1.1 .deb + setup_deb822_repo URLs - install/odoo-install.sh: lxml-clean .deb - ct/odoo.sh: lxml-clean .deb (update_script) HOST-LEVEL REPOSITORY FIXES: - tools/pve/post-pve-install.sh: Debian + Proxmox PVE repos - tools/pve/post-pbs-install.sh: Debian + Proxmox PBS repos - tools/pve/pve8-upgrade.sh: Debian + Proxmox PVE + Ceph repos - tools/pve/pbs3-upgrade.sh: Debian + Proxmox PBS repos - tools/pve/hw-acceleration.sh: Debian non-free repos (deb + deb-src) - install/proxmox-backup-server-install.sh: Proxmox PBS repo - install/medusa-install.sh: Debian non-free repo - install/globaleaks-install.sh: GlobaLeaks repository CHANGES: ✅ All http:// → https:// for package downloads ✅ All http:// → https:// for repository configurations ✅ Added --proto '=https' to curl commands for protocol enforcement ✅ Improved quoting for file variables IMPACT: - Prevents MITM attacks on package installations - Prevents MITM attacks on repository configuration - Enforces TLS transport security across all downloads - Brings consistency with security best practices CVSS: 6.5 (Medium) - CWE-494, CWE-300, CWE-829