CVE-2024-29864: Distrobox before 1.7.0.1 allows attackers to execute arbitrary code via command injection into exported executables.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5b09f34921042e035679be3dfe9a66fc309188e7 commit 5b09f34921042e035679be3dfe9a66fc309188e7 Author: Maciej Barć <xgqt@gentoo.org> AuthorDate: 2024-03-29 02:39:53 +0000 Commit: Maciej Barć <xgqt@gentoo.org> CommitDate: 2024-03-29 03:04:55 +0000 app-containers/distrobox: drop old 1.6.0.1 Bug: https://bugs.gentoo.org/927742 Signed-off-by: Maciej Barć <xgqt@gentoo.org> app-containers/distrobox/Manifest | 1 - app-containers/distrobox/distrobox-1.6.0.1.ebuild | 32 ----------------------- 2 files changed, 33 deletions(-)