diff options
author | Chris Lamb <lamby@debian.org> | 2021-10-13 09:07:11 +0100 |
---|---|---|
committer | Chris Lamb <lamby@debian.org> | 2021-10-13 09:10:38 +0100 |
commit | 2a31a121fc8f7657b3e7c14e6a417eabd7122b50 (patch) | |
tree | 675631827948fd558ee6613b862236d4c28a8d20 /data | |
parent | 31a21f14a41551587c368cd0babf001d2c369458 (diff) |
Triage CVE-2021-41133 in flatpak for stretch LTS.
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/list.2021 | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/data/CVE/list.2021 b/data/CVE/list.2021 index 6f0c55574e..622e0b928f 100644 --- a/data/CVE/list.2021 +++ b/data/CVE/list.2021 @@ -515,6 +515,7 @@ CVE-2021-41133 (Flatpak is a system for building, distributing, and running sand {DSA-4984-1} - flatpak 1.12.1-1 (bug #995935) [buster] - flatpak <ignored> (Not exploitable with Debian buster kernel, intrusive to backport; requires updated libseccomp) + [stretch] - flatpak <ignored> (Difficult to exploit) NOTE: https://github.com/flatpak/flatpak/security/advisories/GHSA-67h7-w3jq-vh4q NOTE: Sourcewise fixed in 1.12.0-1 already, but 1.12.1-1 adds stricter dependency NOTE: to libseccomp 2.5.2 so that CVE-2021-41133 is fully prevented. |