[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-39860/nix

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
246a2855 by Salvatore Bonaccorso at 2026-04-25T17:20:21+02:00
Track fixed version for CVE-2026-39860/nix

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -9913,7 +9913,7 @@ CVE-2025-14857 (An improper access control vulnerability exists in Semtech LoRa
 CVE-2025-14732 (The Elementor Website Builder \u2013 More Than Just a Page Builder plu ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2026-39860 (Nix is a package manager for Linux and other Unix systems. A bug in th ...)
-	- nix <unfixed> (bug #1133004)
+	- nix 2.34.6+dfsg-1 (bug #1133004)
 	[bullseye] - nix <postponed> (regresssion of postponed CVE-2024-27297; revisit when fixing CVE-2024-27297)
 	NOTE: https://github.com/NixOS/nix/security/advisories/GHSA-g3g9-5vj6-r3gj
 	NOTE: Introduced with: https://github.com/NixOS/nix/commit/a3163b9eabb952b4aa96e376dea95ebcca97b31a (2.21.0)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/246a285556ea2b71d22f8e377e5eaed9b5c31423

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/246a285556ea2b71d22f8e377e5eaed9b5c31423
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260425/7cda6084/attachment.htm>