GNU Guix: Fixed-Output Derivation Sandbox Bypass (CVE-2024-27297)
A security issue has been identified in
guix-daemon
which allows for fixed-output
derivations,
such as source code tarballs or Git checkouts, to be corrupted by an
unprivileged user. This could also lead to local privilege escalation.
This was origin…