[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
branch master updated: news: Add erratum for '--keep-failed' vulnerabili
From: |
guix-commits |
Subject: |
branch master updated: news: Add erratum for '--keep-failed' vulnerability. |
Date: |
Thu, 18 Mar 2021 16:52:44 -0400 |
This is an automated email from the git hooks/post-receive script.
nckx pushed a commit to branch master
in repository guix.
The following commit(s) were added to refs/heads/master by this push:
new f62633a news: Add erratum for '--keep-failed' vulnerability.
f62633a is described below
commit f62633a527a7b54ab2c552b493dce382ab2365e6
Author: Tobias Geerinckx-Rice <me@tobias.gr>
AuthorDate: Thu Mar 18 21:51:45 2021 +0100
news: Add erratum for '--keep-failed' vulnerability.
* etc/news.scm: Add entry.
---
etc/news.scm | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
diff --git a/etc/news.scm b/etc/news.scm
index 3c604b0..f3e6bb6 100644
--- a/etc/news.scm
+++ b/etc/news.scm
@@ -22,6 +22,22 @@
(entry (commit "ec7fb669945bfb47c5e1fdf7de3a5d07f7002ccf")
(title
+ (en "Update on previous @command{guix-daemon} local privilege
escalation"))
+ (body
+ (en "The previous news item described a potential local privilege
+escalation in @command{guix-daemon}, and claimed that systems with the Linux
+@uref{https://www.kernel.org/doc/Documentation/sysctl/fs.txt,
+``protected hardlink''} feature enabled were unaffected by the vulnerability.
+
+This is not entirely correct. Exploiting the bug on such systems is harder,
+but not impossible. To avoid unpleasant surprises, all users are advised to
+upgrade @command{guix-daemon}. Run @command{info \"(guix) Upgrading Guix\"}
+for info on how to do that. See
+@uref{http://guix.gnu.org/en/blog/2021/risk-of-local-privilege-escalation-via-guix-daemon/}
+for more information on this bug.")))
+
+ (entry (commit "ec7fb669945bfb47c5e1fdf7de3a5d07f7002ccf")
+ (title
(en "Risk of local privilege escalation @i{via}
@command{guix-daemon}")
(de "Risiko lokaler Rechteausweitung über @command{guix-daemon}")
(fr "Risque d'élévation locale de privilèges @i{via}
@command{guix-daemon}")
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- branch master updated: news: Add erratum for '--keep-failed' vulnerability.,
guix-commits <=