Описание
ELSA-2018-2766: flatpak security update (MODERATE)
[0.8.8-4]
- Add patch for CVE-2018-6560 (#1547376)
Обновленные пакеты
Oracle Linux 7
Oracle Linux aarch64
flatpak
0.8.8-4.el7_5
flatpak-builder
0.8.8-4.el7_5
flatpak-devel
0.8.8-4.el7_5
flatpak-libs
0.8.8-4.el7_5
Oracle Linux x86_64
flatpak
0.8.8-4.el7_5
flatpak-builder
0.8.8-4.el7_5
flatpak-devel
0.8.8-4.el7_5
flatpak-libs
0.8.8-4.el7_5
Связанные CVE
Связанные уязвимости
In dbus-proxy/flatpak-proxy.c in Flatpak before 0.8.9, and 0.9.x and 0.10.x before 0.10.3, crafted D-Bus messages to the host can be used to break out of the sandbox, because whitespace handling in the proxy is not identical to whitespace handling in the daemon.
In dbus-proxy/flatpak-proxy.c in Flatpak before 0.8.9, and 0.9.x and 0.10.x before 0.10.3, crafted D-Bus messages to the host can be used to break out of the sandbox, because whitespace handling in the proxy is not identical to whitespace handling in the daemon.
In dbus-proxy/flatpak-proxy.c in Flatpak before 0.8.9, and 0.9.x and 0.10.x before 0.10.3, crafted D-Bus messages to the host can be used to break out of the sandbox, because whitespace handling in the proxy is not identical to whitespace handling in the daemon.
In dbus-proxy/flatpak-proxy.c in Flatpak before 0.8.9, and 0.9.x and 0 ...
In dbus-proxy/flatpak-proxy.c in Flatpak before 0.8.9, and 0.9.x and 0.10.x before 0.10.3, crafted D-Bus messages to the host can be used to break out of the sandbox, because whitespace handling in the proxy is not identical to whitespace handling in the daemon.