Re: Bug#1066113: guix: CVE-2024-27297

guix-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Bug#1066113: guix: CVE-2024-27297

From:	pelzflorian (Florian Pelz)
Subject:	Re: Bug#1066113: guix: CVE-2024-27297
Date:	Sun, 24 Mar 2024 14:23:15 +0100
User-agent:	Gnus/5.13 (Gnus v5.13)

On 2024-03-16, Vagrant Cascadian wrote:
> For anyone with Guix or Nix installed, if I understand correctly, it
> basically allows arbitrarily replacing the source code for anything that
> you might build using Guix or Nix.

Yes, for multi-user systems and people running untrusted code in “guix
shell -CW” container isolation, there is risk.

Regards,
Florian

[Prev in Thread]

Current Thread

[Next in Thread]

Re: Bug#1066113: guix: CVE-2024-27297, Vagrant Cascadian, 2024/03/23
- Re: Bug#1066113: guix: CVE-2024-27297, pelzflorian (Florian Pelz) <=

Prev by Date: Re: cuirass building and deployment
Next by Date: Re: PyTorch with ROCm
Previous by thread: Re: Bug#1066113: guix: CVE-2024-27297
Next by thread: Status of ‘core-updates’
Index(es):
- Date
- Thread