From 406130550912ee1254198b6349d7d7892e59217b Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Fri, 10 Apr 2020 23:45:03 +0200 Subject: [PATCH] gnu: bubblewrap: Update to 0.4.1 [fixes CVE-2020-5291]. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Relevant only ‘[i]f bubblewrap is installed in setuid mode and the kernel supports unprivileged user namespaces’. Bubblewrap is not setuid by default on Guix System. * gnu/packages/virtualization.scm (bubblewrap): Update to 0.4.1. --- gnu/packages/virtualization.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/virtualization.scm b/gnu/packages/virtualization.scm index 5bee79cbb4..0fded11f3a 100644 --- a/gnu/packages/virtualization.scm +++ b/gnu/packages/virtualization.scm @@ -1083,7 +1083,7 @@ (define-public python-vagrant (define-public bubblewrap (package (name "bubblewrap") - (version "0.4.0") + (version "0.4.1") (source (origin (method url-fetch) (uri (string-append "https://github.com/containers/bubblewrap/" @@ -1091,7 +1091,7 @@ (define-public bubblewrap version ".tar.xz")) (sha256 (base32 - "08r0f4c3fjkb4zjrb4kkax1zfcgcgic702vb62sjjw5xfhppvzp5")))) + "00ycgi6q2yngh06bnz50wkvar6r2jnjf3j158grhi9k13jdrpimr")))) (build-system gnu-build-system) (arguments `(#:phases