Nixpkgs security tracker

Login with GitHub

⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestion detail

Untriaged

Permalink CVE-2015-1316

created 1 month, 3 weeks ago

Juju Joyent provider uploads user's private ssh key by default

Juju Core's Joyent provider before version 1.25.5 uploads the user's private ssh key.

References

http://bazaar.launchpad.net/~juju-core/juju-core/trunk/revision/4119 x_refsource_MISC
http://bazaar.launchpad.net/~juju-core/juju-core/trunk/revision/4119 x_transferredx_refsource_MISC
http://bazaar.launchpad.net/~juju-core/juju-core/trunk/revision/4119 x_refsource_MISC
http://bazaar.launchpad.net/~juju-core/juju-core/trunk/revision/4119 x_transferredx_refsource_MISC
http://bazaar.launchpad.net/~juju-core/juju-core/trunk/revision/4119 x_refsource_MISC
http://bazaar.launchpad.net/~juju-core/juju-core/trunk/revision/4119 x_transferredx_refsource_MISC
http://bazaar.launchpad.net/~juju-core/juju-core/trunk/revision/4119 x_refsource_MISC
http://bazaar.launchpad.net/~juju-core/juju-core/trunk/revision/4119 x_transferredx_refsource_MISC

Affected products

Juju

<1.25.5

Matching in nixpkgs

pkgs.juju

Open source modelling tool for operating software in the cloud

nixos-unstable 3.6.12
- nixpkgs-unstable 3.6.12
- nixos-unstable-small 3.6.12
nixos-25.11 3.6.11
- nixos-25.11-small 3.6.11
- nixpkgs-25.11-darwin 3.6.11

pkgs.jujutsu

Git-compatible DVCS that is both simple and powerful

nixos-unstable 0.38.0
- nixpkgs-unstable 0.38.0
- nixos-unstable-small 0.38.0
nixos-25.11 0.35.0
- nixos-25.11-small 0.35.0
- nixpkgs-25.11-darwin 0.35.0

pkgs.jujuutils

Utilities around FireWire devices connected to a Linux computer

nixos-unstable 0.2
- nixpkgs-unstable 0.2
- nixos-unstable-small 0.2
nixos-25.11 0.2
- nixos-25.11-small 0.2
- nixpkgs-25.11-darwin 0.2

Package maintainers

@RealityAnomaly Alex Zero <alex@arctarus.co.uk>
@0x4A6F Joachim Ernst <mail-maintainer@0x4A6F.dev>
@thoughtpolice Austin Seipp <aseipp@pobox.com>
@emilazy Emily <nixpkgs@emily.moe>
@bbigras Bruno Bigras <bigras.bruno@gmail.com>