Bug#1108318: guix: CVE-2025-46415 CVE-2025-46416 CVE-2025-52991 CVE-2025-52992 CVE-2025-52993

Wed, 25 Jun 2025 13:57:13 -0700 

Source: guix
Version: 1.4.0-9
Severity: grave
Tags: security upstream
Justification: user security hole
X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org>

Hi,

The following vulnerabilities were published for guix.

CVE-2025-46415[0], CVE-2025-46416[1], CVE-2025-52991[2],
CVE-2025-52992[3], CVE-2025-52993[4].


If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2025-46415
    https://www.cve.org/CVERecord?id=CVE-2025-46415
[1] https://security-tracker.debian.org/tracker/CVE-2025-46416
    https://www.cve.org/CVERecord?id=CVE-2025-46416
[2] https://security-tracker.debian.org/tracker/CVE-2025-52991
    https://www.cve.org/CVERecord?id=CVE-2025-52991
[3] https://security-tracker.debian.org/tracker/CVE-2025-52992
    https://www.cve.org/CVERecord?id=CVE-2025-52992
[4] https://security-tracker.debian.org/tracker/CVE-2025-52993
    https://www.cve.org/CVERecord?id=CVE-2025-52993
[5] https://guix.gnu.org/en/blog/2025/privilege-escalation-vulnerabilities-2025/

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Reply via email to