Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
FEDORA-2026-8c7366e046 (nix-2.34.5-1.fc44) has been submitted as an update to Fedora 44. https://bodhi.fedoraproject.org/updates/FEDORA-2026-8c7366e046
FEDORA-2026-6c1a1c78c1 (nix-2.31.4-1.fc43) has been submitted as an update to Fedora 43. https://bodhi.fedoraproject.org/updates/FEDORA-2026-6c1a1c78c1
FEDORA-2026-02fa328deb (nix-2.31.4-1.fc42) has been submitted as an update to Fedora 42. https://bodhi.fedoraproject.org/updates/FEDORA-2026-02fa328deb
See https://github.com/NixOS/nix/security/advisories/GHSA-g3g9-5vj6-r3gj for more details.
AGREED AcceptedFinalFreezeException Discussed at the 2026-04-13 (blocker / freeze exception) review meeting: This is accepted as it's nice to fix CVEs in the stable repo for folks installing or upgrading ahead of release. It's not a blocker as nix isn't included in any release-blocking images by default. https://meetbot-raw.fedoraproject.org//blocker-review_matrix_fedoraproject-org/2026-04-13/f44-blocker-review.2026-04-13-16.00.log.txt
FEDORA-2026-8c7366e046 (nix-2.34.5-1.fc44) has been pushed to the Fedora 44 stable repository. If problem still persists, please make note of it in this bug report.
FEDORA-2026-6c1a1c78c1 (nix-2.31.4-1.fc43) has been pushed to the Fedora 43 stable repository. If problem still persists, please make note of it in this bug report.
FEDORA-2026-02fa328deb (nix-2.31.4-1.fc42) has been pushed to the Fedora 42 stable repository. If problem still persists, please make note of it in this bug report.