Nixpkgs security tracker

Login with GitHub

⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestion detail

Untriaged

Permalink CVE-2012-0051

created 2 months ago Activity log

Created suggestion 2 months ago

Tahoe-LAFS 1.9.0 fails to ensure integrity which allows remote attackers …

Tahoe-LAFS 1.9.0 fails to ensure integrity which allows remote attackers to corrupt mutable files or directories upon retrieval.

References

https://security-tracker.debian.org/tracker/CVE-2012-0051 x_transferredx_refsource_MISC
http://www.openwall.com/lists/oss-security/2012/01/15/11 x_transferredx_refsource_MISC
http://www.openwall.com/lists/oss-security/2012/01/26/7 x_transferredx_refsource_MISC
http://www.openwall.com/lists/oss-security/2012/01/26/8 x_transferredx_refsource_MISC
http://www.openwall.com/lists/oss-security/2012/01/26/9 x_transferredx_refsource_MISC
https://tahoe-lafs.org/trac/tahoe-lafs/ticket/1654 x_transferredx_refsource_CONFIRM

Affected products

tahoe-lafs

==1.10.0-2

Matching in nixpkgs

pkgs.tahoe-lafs

Tahoe-LAFS, a decentralized, fault-tolerant, distributed storage system

nixos-unstable 1.20.0-unstable-2025-10-12
- nixpkgs-unstable 1.20.0-unstable-2025-10-12
- nixos-unstable-small 1.20.0-unstable-2025-10-12
nixos-25.11 1.20.0-unstable-2025-10-12
- nixos-25.11-small 1.20.0-unstable-2025-10-12
- nixpkgs-25.11-darwin 1.20.0-unstable-2025-10-12

Package maintainers

@MostAwesomeDude Corbin Simpson <cds@corbinsimpson.com>