path: root/chinese/security/2021/dsa-4830.wml
blob: 99c1a82a90adf20200c8279320ee0abd97f09b24
#use wml::debian::translation-check translation="cc173b8d34b89c7d43e8628759e88ae4a67b7db9"
<define-tag description>security update</define-tag>
<define-tag moreinfo>
<p>Simon McVittie discovered a bug in the Flatpak portal service that
allows sandboxed applications to execute arbitrary code on the host system
(sandbox escape).</p>

<p>The Flatpak portal D-Bus service (flatpak-portal, also known by its
D-Bus service name org.freedesktop.portal.Flatpak) allows apps in a
Flatpak sandbox to launch their own subprocesses in a new sandbox
instance, either with the same security settings as the caller or
with more restrictive security settings. For example, this is used in
Flatpak-packaged web browsers such as Chromium to launch subprocesses
that will process untrusted web content, and give those subprocesses a
more restrictive sandbox than the browser itself.</p>

<p>In vulnerable versions, the Flatpak portal service passes caller-specified
environment variables to non-sandboxed processes on the host system,
and in particular to the flatpak run command that is used to launch the
new sandbox instance. A malicious or compromised Flatpak app could set
environment variables that are trusted by the flatpak run command, and
use them to execute arbitrary code that is not in a sandbox.</p>
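<p>The following Python model illustrates the trust boundary described above; it is an added example, not flatpak's own code or its actual fix. It contrasts a launcher that merges caller-specified variables into the environment of the host-side <code>flatpak run</code> process with one that keeps the host environment untouched and addresses those variables to the new sandbox instance only. <code>HOST_ENV</code>, the caller variables and the app ID are constructed sample values.</p>

```python
"""Model of the environment handling behind DSA-4830 (added illustration,
not flatpak code): caller-specified variables must never reach the
non-sandboxed launcher process on the host."""
from __future__ import annotations
from dataclasses import dataclass, field

# Constructed stand-in for the host's own trusted environment.
HOST_ENV: dict[str, str] = {"PATH": "/usr/bin:/bin", "HOME": "/home/user"}


@dataclass
class Launch:
    """What the host-side launcher would be started with."""
    argv: list[str]
    launcher_env: dict[str, str]   # environment of `flatpak run` on the host
    child_env: dict[str, str] = field(default_factory=dict)  # new sandbox


def spawn_vulnerable(caller_env: dict[str, str], app_id: str) -> Launch:
    """Vulnerable pattern: the sandboxed caller's variables are merged into
    the environment of the host launcher itself, so anything the launcher
    trusts from its environment is now caller-controlled."""
    env = dict(HOST_ENV)
    env.update(caller_env)
    return Launch(["flatpak", "run", app_id], env, dict(env))


def spawn_fixed(caller_env: dict[str, str], app_id: str) -> Launch:
    """Hardened pattern: the launcher runs with the host's environment only;
    caller variables are carried separately and applied inside the sandbox."""
    return Launch(["flatpak", "run", app_id], dict(HOST_ENV), dict(caller_env))


def leaked_to_host(launch: Launch) -> set[str]:
    """Audit check: names the caller added to or changed in the launcher's
    environment. An empty set means the host-side boundary held."""
    return {k for k, v in launch.launcher_env.items() if HOST_ENV.get(k) != v}


if __name__ == "__main__":
    caller = {"APP_DEBUG": "1", "PATH": "/app/override"}  # constructed input
    print("vulnerable leaks:", leaked_to_host(spawn_vulnerable(caller, "org.example.App")))
    print("fixed leaks:     ", leaked_to_host(spawn_fixed(caller, "org.example.App")))
```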

<p>For the stable distribution (buster), this problem has been fixed in
version 1.2.5-0+deb10u2.</p>

<p>We recommend that you upgrade your flatpak packages.</p>

<p>For detailed information about flatpak,
please visit its security tracker page at
<a href="https://security-tracker.debian.org/tracker/flatpak">\
https://security-tracker.debian.org/tracker/flatpak</a></p>
</define-tag>

# do not modify the following line
#include "$(ENGLISHDIR)/security/2021/dsa-4830.data"
