[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2024-27297/nix

Salvatore Bonaccorso (@carnil) Wed, 13 Mar 2024 12:50:37 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
f0bb3de9 by Salvatore Bonaccorso at 2024-03-13T20:49:04+01:00
Add Debian bug reference for CVE-2024-27297/nix

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -420,7 +420,7 @@ CVE-2024-27900 (Due to missing authorization check, 
attacker with business user
        NOT-FOR-US: SAP
 CVE-2024-27297 (Nix is a package manager for Linux and other Unix systems. A 
fixed-out ...)
        - guix <unfixed> (bug #1066113)
-       - nix <unfixed>
+       - nix <unfixed> (bug #1066812)
        NOTE: Fixed by: 
https://git.savannah.gnu.org/cgit/guix.git/commit/?id=8f4ffb3fae133bb21d7991e97c2f19a7108b1143
        NOTE: 
https://guix.gnu.org/en/blog/2024/fixed-output-derivation-sandbox-bypass-cve-2024-27297/
        NOTE: 
https://github.com/NixOS/nix/security/advisories/GHSA-2ffj-w4mj-pg37



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f0bb3de91d9b8428a96aef4c45f51292acbded49

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f0bb3de91d9b8428a96aef4c45f51292acbded49
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2024-27297/nix

Reply via email to