GNU bug report logs - #70022
[PATCH 0/2] Binary Installation: Add more distros.

Previous Next

Package: guix-patches;

Reported by: Denis 'GNUtoo' Carikli <GNUtoo <at> cyberdimension.org>

Date: Tue, 26 Mar 2024 23:47:02 UTC

Severity: normal

Tags: patch

Done: "pelzflorian (Florian Pelz)" <pelzflorian <at> pelzflorian.de>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Florian Pelz <pelzflorian <at> pelzflorian.de>
To: 70022 <at> debbugs.gnu.org
Cc: Florian Pelz <pelzflorian <at> pelzflorian.de>
Subject: [bug#70022] [PATCH v3 1/3] doc: Warn about foreign distro Guix packages' security.
Date: Sat, 13 Apr 2024 09:18:50 +0200

* doc/guix.texi (Binary Installation): Prefix installation instructions
with a warning.

Change-Id: I088c7f00f4c3c8e32bdfd117ea934942930f7513
---
 doc/guix.texi | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/doc/guix.texi b/doc/guix.texi
index 5efbd00984..f6bbed1de3 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -741,6 +741,13 @@ Binary Installation
 may be older than @value{VERSION} but you can update it afterwards by
 running @samp{guix pull}.
 
+In the past, lately, security vulnerabilities in @command{guix-daemon}
+have been discovered and fixes for them have not yet been provided in
+foreign distributions' packages.  We advise those who install Guix,
+both from the installation script or by distro packages, to also
+regularly read and follow security notices, as shown by @command{guix
+pull}.
+
 For Debian or a derivative such as Ubuntu, call:
 
 @example

base-commit: 15a523ea213065c275e4852673cbb27c72c0ad87
-- 
2.41.0

This bug report was last modified 1 year and 37 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #70022 [PATCH 0/2] Binary Installation: Add more distros.

GNU bug report logs - #70022
[PATCH 0/2] Binary Installation: Add more distros.