⚠ If you’re using #Guix, consider upgrading ‘guix-daemon’ now 👇
https://guix.gnu.org/en/blog/2024/build-user-takeover-vulnerability/
Fellow hacker Reepca (Caleb Ristvedt) found two related vulnerabilities allowing for a takeover of the build user accounts used by guix-daemon, which in turn could let anyone interfere with build processes.