GNU bug report logs - #69728
[PATCH security] daemon: Protect against FD escape when building fixed-output derivations (CVE-2024-27297).

Previous Next

Package: guix-patches;

Reported by: Ludovic Courtès <ludo <at> gnu.org>

Date: Mon, 11 Mar 2024 10:55:01 UTC

Severity: normal

Tags: patch, security

Done: Ludovic Courtès <ludo <at> gnu.org>

Bug is archived. No further changes may be made.

Full log

Message #30 received at 69728-done <at> debbugs.gnu.org (full text, mbox):

From: Ludovic Courtès <ludo <at> gnu.org>
To: John Kehayias <john.kehayias <at> protonmail.com>
Cc: Picnoir <picnoir <at> alternativebit.fr>, guix-security <at> gnu.org,
 Théophane Hufschmitt <theophane.hufschmitt <at> tweag.io>,
 69728-done <at> debbugs.gnu.org
Subject: Re: bug#69728: [PATCH security] daemon: Protect against FD escape
 when building fixed-output derivations (CVE-2024-27297).
Date: Wed, 13 Mar 2024 11:00:42 +0100

For posterity: the blog post was published yesterday at
<https://guix.gnu.org/en/blog/2024/fixed-output-derivation-sandbox-bypass-cve-2024-27297/>.

Ludo’.

This bug report was last modified 1 year and 149 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #69728 [PATCH security] daemon: Protect against FD escape when building fixed-output derivations (CVE-2024-27297).

GNU bug report logs - #69728
[PATCH security] daemon: Protect against FD escape when building fixed-output derivations (CVE-2024-27297).