GNU bug report logs - #69728
[PATCH security] daemon: Protect against FD escape when building fixed-output derivations (CVE-2024-27297).

Previous Next

Package: guix-patches;

Reported by: Ludovic Courtès <ludo <at> gnu.org>

Date: Mon, 11 Mar 2024 10:55:01 UTC

Severity: normal

Tags: patch, security

Done: Ludovic Courtès <ludo <at> gnu.org>

Bug is archived. No further changes may be made.

Full log

Message #25 received at 69728 <at> debbugs.gnu.org (full text, mbox):

From: Ludovic Courtès <ludo <at> gnu.org>
To: John Kehayias <john.kehayias <at> protonmail.com>
Cc: Picnoir <picnoir <at> alternativebit.fr>, 69728 <at> debbugs.gnu.org,
 Théophane Hufschmitt <theophane.hufschmitt <at> tweag.io>,
 guix-security <at> gnu.org
Subject: Re: bug#69728: [PATCH security] daemon: Protect against FD escape
 when building fixed-output derivations (CVE-2024-27297).
Date: Tue, 12 Mar 2024 16:31:00 +0100

Hi John,

John Kehayias <john.kehayias <at> protonmail.com> skribis:

> The updated post is attached. I will have some time here and there
> over the next few hours to make changes, but will mostly be away from
> my Guix machine to handle actually pushing. So, once it looks good,
> feel free to do that or I can do it this evening my time (in about 7-8
> hours).

LGTM, thank you!

Ludo’.

This bug report was last modified 1 year and 149 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #69728 [PATCH security] daemon: Protect against FD escape when building fixed-output derivations (CVE-2024-27297).

GNU bug report logs - #69728
[PATCH security] daemon: Protect against FD escape when building fixed-output derivations (CVE-2024-27297).