GNU Guix Vulnerabilities Allow Remote Privilege Escalation via Malicious Binary Substitutes
GNU Guix has disclosed four serious security vulnerabilities affecting its package substitution and channel-management features. Three flaws in the guix substitute utility can enable remote privilege escalation, corruption of stored data, and local disclosure of files readable by the build daemon...