[Git][security-tracker-team/security-tracker][master] Add reference for CVE-2024-27297
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Mar 13 05:48:18 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0af6d74a by Salvatore Bonaccorso at 2024-03-13T06:47:32+01:00
Add reference for CVE-2024-27297
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -342,6 +342,7 @@ CVE-2024-27297 (Nix is a package manager for Linux and other Unix systems. A fix
- guix <unfixed> (bug #1066113)
- nix <unfixed>
NOTE: Fixed by: https://git.savannah.gnu.org/cgit/guix.git/commit/?id=8f4ffb3fae133bb21d7991e97c2f19a7108b1143
+ NOTE: https://guix.gnu.org/en/blog/2024/fixed-output-derivation-sandbox-bypass-cve-2024-27297/
NOTE: https://github.com/NixOS/nix/security/advisories/GHSA-2ffj-w4mj-pg37
NOTE: https://github.com/NixOS/nix/commit/244f3eee0bbc7f11e9b383a15ed7368e2c4becc9
CVE-2024-27121 (Path traversal vulnerability exists in Machine Automation Controller N ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0af6d74a9d9c4b826ac84f80e981fe384ec205ac
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0af6d74a9d9c4b826ac84f80e981fe384ec205ac
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240313/0eeb9d39/attachment.htm>
More information about the debian-security-tracker-commits
mailing list