Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update pi-hole to version 2024.07.0 #1348

Merged
merged 3 commits into from
Aug 13, 2024
Merged

Update pi-hole to version 2024.07.0 #1348

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
c46c242
Update pi-hole to 2024.07.0
nmfretz Aug 12, 2024
b6f1bca
Tweak release notes
nmfretz Aug 13, 2024
ec8b14d
Add whitespace to description
nmfretz Aug 13, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions pi-hole/docker-compose.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,13 +1,13 @@
version: "3.7"

Check notice on line 1 in pi-hole/docker-compose.yml

View workflow job for this annotation

GitHub Actions / Lint apps

Potentially using unsafe user in service "server" 

The default container user "root" can lead to security vulnerabilities. If you are using the root user, please try to specify a different user (e.g. "1000:1000") in the compose file or try to set the UID/PUID and GID/PGID environment variables to 1000.

services:
server:
image: pihole/pihole:2024.02.0@sha256:8077053835c2d2449041adad0c272d6e5fea3df91c5dfc3dae2bd950999c3118
image: pihole/pihole:2024.07.0@sha256:0def896a596e8d45780b6359dbf82fc8c75ef05b97e095452e67a0a4ccc95377
# Pi-hole doesn't currently support running as non-root
# https://github.com/pi-hole/docker-pi-hole/issues/685
# user: "1000:1000"
restart: on-failure
network_mode: host

Check notice on line 10 in pi-hole/docker-compose.yml

View workflow job for this annotation

GitHub Actions / Lint apps

Service "server" uses host network mode 

The host network mode can lead to security vulnerabilities. If possible please use the default bridge network mode and expose the necessary ports.
volumes:
- ${APP_DATA_DIR}/data/pihole:/etc/pihole/
- ${APP_DATA_DIR}/data/dnsmasq:/etc/dnsmasq.d/
Expand All @@ -18,4 +18,4 @@
# Listen on all interfaces, permit all origins
- DNSMASQ_LISTENING=all
cap_add:
- NET_ADMIN
- NET_ADMIN
11 changes: 6 additions & 5 deletions pi-hole/umbrel-app.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ manifestVersion: 1.1
id: pi-hole
category: networking
name: Pi-hole
version: "2024.02.0"
version: "2024.07.0"
tagline: Block ads on your entire network
description: >-
Instead of browser plugins or other software on each computer,
Expand All @@ -13,7 +13,8 @@ description: >-
improved and will feel faster.


In addition to blocking advertisements, Pi-hole® has an informative Web interface that shows stats on all the domains being queried on your network. Pi-hole® works fine with an existing DHCP server, but you can use Pi-hole®’s to keep your network management in one place.
In addition to blocking advertisements, Pi-hole® has an informative Web interface that shows stats on all the domains being queried on your network. Pi-hole® works fine with an existing DHCP server, but you can use Pi-hole®'s to keep your network management in one place.


Pi-hole® and the Pi-hole® logo are registered trademarks of Pi-hole. Umbrel is not sponsored, endorsed by, or associated with Pi-hole®.
developer: Pi-hole®
Expand All @@ -31,9 +32,9 @@ defaultUsername: ""
deterministicPassword: true
torOnly: false
releaseNotes: >-
This is a minor bug-fix release, and includes FTL v5.24, Web 5.12, and Core v5.17.3.
🚨 This release fixes a vulnerability that was recently discovered in Pi-hole's gravity script that could allow an authenticated user to read system files through the web interface. Please update immediately.


Full release notes can be found here: https://pi-hole.net/blog/2024/01/06/pi-hole-ftl-v5-24-and-core-v5-17-3-released/
More information can be found at https://github.com/pi-hole/pi-hole/security/advisories/GHSA-95g6-7q26-mp9x
submitter: Umbrel
submission: https://github.com/getumbrel/umbrel/commit/9ca55a25e043dcd50d5cb92c6ec756d368bb4794
submission: https://github.com/getumbrel/umbrel/commit/9ca55a25e043dcd50d5cb92c6ec756d368bb4794