1. Forum
  2. Usenet
  3. LINUX.DEBIAN.BUGS.RC

  • Bug#1066113: guix: CVE-2024-27297

    From pelzflorian (Florian Pelz)@21:1/5 to Vagrant Cascadian on Sun Mar 24 14:40:01 2024
    On 2024-03-16, Vagrant Cascadian wrote:
    For anyone with Guix or Nix installed, if I understand correctly, it basically allows arbitrarily replacing the source code for anything that
    you might build using Guix or Nix.

    Yes, for multi-user systems and people running untrusted code in “guix
    shell -CW” container isolation, there is risk.

    Regards,
    Florian

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)