tribes/guix

Fork 1

mirror of https://git.savannah.gnu.org/git/guix.git synced 2026-04-17 15:50:31 +02:00

Commit Graph

Author	SHA1	Message	Date
John Kehayias	d659fe8666	gnu: glibc: Graft with fix for unsafe env variable [security-fixes]. Before this change, the environment variable GUIX_LOCPATH is not in the unsafe variable list, meaning that it is not unset in a privileged environment. This could lead to potential security issues. A CVE number is pending for this issue. A similar upstream glibc issue was CVE-2023-4911. * gnu/packages/base.scm (glibc)[replacement]: Add field to graft with ... (glibc/fixed): ... this new package. * gnu/packages/patches/glibc-guix-locpath.patch: New file. * gnu/local.mk (dist_patch_DATA): Register it. Change-Id: I74d87ce543bfba7d5f424efb2b87926ca336c725 Reported-by: "Stefan" <stefan-guix@vodafonemail.de>	2026-02-20 01:08:07 -05:00

Author

SHA1

Message

Date

John Kehayias

d659fe8666

gnu: glibc: Graft with fix for unsafe env variable [security-fixes].

Before this change, the environment variable GUIX_LOCPATH is not in the unsafe
variable list, meaning that it is not unset in a privileged environment.  This
could lead to potential security issues.  A CVE number is pending for this
issue.  A similar upstream glibc issue was CVE-2023-4911.

* gnu/packages/base.scm (glibc)[replacement]: Add field to graft with ...
(glibc/fixed): ... this new package.
* gnu/packages/patches/glibc-guix-locpath.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.

Change-Id: I74d87ce543bfba7d5f424efb2b87926ca336c725
Reported-by: "Stefan" <stefan-guix@vodafonemail.de>

2026-02-20 01:08:07 -05:00

1 Commits