gnu: bubblewrap: Update to 0.4.1 [fixes CVE-2020-5291].

Relevant only ‘[i]f bubblewrap is installed in setuid mode and the
kernel supports unprivileged user namespaces’.

Bubblewrap is not setuid by default on Guix System.

* gnu/packages/virtualization.scm (bubblewrap): Update to 0.4.1.
This commit is contained in:
Tobias Geerinckx-Rice 2020-04-10 23:45:03 +02:00
parent a5ab71c73f
commit 4061305509
No known key found for this signature in database
GPG key ID: 0DB0FF884F556D79

View file

@ -1083,7 +1083,7 @@ (define-public python-vagrant
(define-public bubblewrap (define-public bubblewrap
(package (package
(name "bubblewrap") (name "bubblewrap")
(version "0.4.0") (version "0.4.1")
(source (origin (source (origin
(method url-fetch) (method url-fetch)
(uri (string-append "https://github.com/containers/bubblewrap/" (uri (string-append "https://github.com/containers/bubblewrap/"
@ -1091,7 +1091,7 @@ (define-public bubblewrap
version ".tar.xz")) version ".tar.xz"))
(sha256 (sha256
(base32 (base32
"08r0f4c3fjkb4zjrb4kkax1zfcgcgic702vb62sjjw5xfhppvzp5")))) "00ycgi6q2yngh06bnz50wkvar6r2jnjf3j158grhi9k13jdrpimr"))))
(build-system gnu-build-system) (build-system gnu-build-system)
(arguments (arguments
`(#:phases `(#:phases