(Internal changes only)

sd234678 · sd234678 · commit 056809440f22 · 2024-10-11T14:43:20.000+01:00
diff --git a/.last-exported-commit b/.last-exported-commit
@@ -1 +1 @@
-Last exported commit from parent repo: b4458f62ed869983cbec0df12090b438cb8c8cb7
+Last exported commit from parent repo: 85f777375514f28d1df3234724ce8e606a6e5f12
diff --git a/nix-bootstrap.cabal b/nix-bootstrap.cabal
@@ -5,7 +5,7 @@ cabal-version: 2.0
 -- see: https://github.com/sol/hpack
 
 name:           nix-bootstrap
-version:        1.7.1.0
+version:        1.7.1.1
 author:         gchquser
 maintainer:     48051938+sd234678@users.noreply.github.com
 copyright:      Crown Copyright
diff --git a/package.yaml b/package.yaml
@@ -12,7 +12,7 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 name: nix-bootstrap
-version: 1.7.1.0
+version: 1.7.1.1
 author: gchquser
 maintainer: 48051938+sd234678@users.noreply.github.com
 copyright: Crown Copyright
diff --git a/vulnerability-whitelist.toml b/vulnerability-whitelist.toml
@@ -16,6 +16,10 @@
 cve = ["CVE-2023-4039"]
 comment = "Reasonable worst-case is loss of availability; risk acceptable."
 
+["libarchive"]
+cve = ["CVE-2024-37407"]
+comment = "libarchive is only used by nix itself, and only on the local filesystem. Could only be a viable vector if the attackr has arbitrary filesystem access, and would therefore be unlikely to be the chosen route."
+
 ["zlib-1.3.1"]
 cve = ["CVE-2023-6992"]
 comment = "We do not call the affected code with untrusted data."

Original file line number	Diff line number	Diff line change
`@@ -1 +1 @@`
`1`		`-Last exported commit from parent repo: b4458f62ed869983cbec0df12090b438cb8c8cb7`
	`1`	`+Last exported commit from parent repo: 85f777375514f28d1df3234724ce8e606a6e5f12`