GNU Guix

⚠️ Update #Guix due to Security issue ⚠️

It is strongly recommended to do a "guix pull", update all profiles. Restart the Guix Daemon, on Guix System reboot.

A potential security issue was identified in Guix's glibc package which impacts the Guix Daemon when run in privileged mode.

See the discussion on Codeberg for more details:

https://codeberg.org/guix/guix/pulls/6575

gnu: glibc: Graft with fix for unsafe env variable [security-fixes].

This PR is for discussion around the following security issue (see below); CVE number is pending. Before this change, the environment variable GUIX_LOCPATH is not in the unsafe variable list, meaning that it is not unset in a privileged environment. This could lead to potential security iss...

Codeberg.org
Feb 20 at 3:43pmWeb
Show threadtusharheroFeb 20
@guix perhaps you should automate these kinds of security update notifications?