guix-devel/gnu
Leo Famulari e2760d1a8b
gnu: Flatpak: Update to 1.2.3 [security fixes].
From 'NEWS' in the source distribution:

The CVE-2019-5736 runc vulnerability is about using /proc/self/exe
to modify the host side binary from the sandbox. This mostly does not
affect flatpak since the flatpak sandbox is not run with root permissions.
However, there is one case (running the apply_extra script for system
installs) where this happens, so this release contains a fix for that.

 * Don't expose /proc in apply_extra script sandbox.

* gnu/packages/package-management.scm (flatpak): Update to 1.2.3.
2019-02-12 17:14:09 -05:00
..
bootloader
build linux-modules: module-soft-dependencies: Remove colon from section names. 2019-01-25 18:24:00 +01:00
installer installer: Fix manual partitioning. 2019-01-17 14:04:28 +01:00
packages gnu: Flatpak: Update to 1.2.3 [security fixes]. 2019-02-12 17:14:09 -05:00
services services: docker: Make shepherd service also require "dbus-system", 2019-02-11 18:29:01 +01:00
system pack, vm: Fix incorrect use of 'package-transitive-propagated-inputs'. 2019-02-11 23:23:28 +01:00
tests gnu: Remove duplicate record fields. 2019-01-22 23:04:05 +01:00
artwork.scm artwork: Update snapshot to e951905. 2019-02-10 23:25:01 +01:00
bootloader.scm bootloader: Remove deprecated 'device' field. 2019-01-16 14:07:38 +01:00
ci.scm ci: Skip system tests on armhf-linux. 2019-01-21 10:19:31 +01:00
installer.scm gnu: Move most packages from guile.scm to new module. 2019-01-28 14:57:10 +01:00
local.mk gnu: runc: Update to 1.0.0-rc6 [fixes CVE-2019-5736]. 2019-02-12 12:53:12 -05:00
packages.scm guix package: '--list-available' can use data from the cache. 2019-01-15 20:24:09 +01:00
services.scm
system.scm gnu: Add graphical installer support. 2019-01-17 14:04:20 +01:00
tests.scm