‘guix substitute‘ and ‘guix pull‘ vulnerabilities
13 points by csantosb
13 points by csantosb
Unfortunately a lot of Guix distribution packages are unmaintained, such as Debian's. Considering the severity of this vulnerability, I have uninstalled my distro-provided copy of Guix and installed it with their install script.