diff options
author | Kåre Thor Olsen <kaare@nightcall.dk> | 2021-10-14 09:47:33 +0200 |
---|---|---|
committer | Kåre Thor Olsen <kaare@nightcall.dk> | 2021-10-14 09:47:33 +0200 |
commit | 5004ac5f8a314d76777de79849730426b3f783fc (patch) | |
tree | cbdc2465c4c5d8620e009ac3443fb2f4b1374abf /english/security/2021/dsa-4984.wml | |
parent | 8f17b3f07826d620978215444d12afa62a576b99 (diff) |
[SECURITY] [DSA 4984-1] flatpak security update
Diffstat (limited to 'english/security/2021/dsa-4984.wml')
-rw-r--r-- | english/security/2021/dsa-4984.wml | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/english/security/2021/dsa-4984.wml b/english/security/2021/dsa-4984.wml new file mode 100644 index 00000000000..cea9bb42995 --- /dev/null +++ b/english/security/2021/dsa-4984.wml @@ -0,0 +1,26 @@ +<define-tag description>security update</define-tag> +<define-tag moreinfo> +<p>It was discovered that sandbox restrictions in Flatpak, an application +deployment framework for desktop apps, could be bypassed for a Flatpak +app with direct access to AF_UNIX sockets, by manipulating the VFS using +mount-related syscalls that are not blocked by Flatpak's denylist +seccomp filter.</p> + +<p>Details can be found in the upstream advisory at +<a href="https://github.com/flatpak/flatpak/security/advisories/GHSA-67h7-w3jq-vh4q">\ +https://github.com/flatpak/flatpak/security/advisories/GHSA-67h7-w3jq-vh4q</a></p> + +<p>For the stable distribution (bullseye), this problem has been fixed in +version 1.10.5-0+deb11u1.</p> + +<p>We recommend that you upgrade your flatpak packages.</p> + +<p>For the detailed security status of flatpak please refer to its security +tracker page at: +<a href="https://security-tracker.debian.org/tracker/flatpak">\ +https://security-tracker.debian.org/tracker/flatpak</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2021/dsa-4984.data" +# $Id: $ |