Fedora 39: FEDORA-2024-03fd821ae2 Moderate: Flatpak Access Control Fix
fedora
September 15, 2024
flatpak 1.15.10 and bubblewrap 0.10.0 updates, which together fix CVE-2024-42472 in Flatpak.
Summary
flatpak is a system for building, distributing and running sandboxed desktop
applications on Linux. See https://wiki.gnome.org/Projects/SandboxedApps for
more information.
Update Information:
flatpak 1.15.10 and bubblewrap 0.10.0 updates, which together fix CVE-2024-42472 in Flatpak.
Topics Covered
Change Log
* Fri Aug 30 2024 Kalev Lember
References
[ 1 ] Bug #2271977 - bubblewrap-0.10.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2271977 [ 2 ] Bug #2299621 - flatpak-1.15.10 is available https://bugzilla.redhat.com/show_bug.cgi?id=2299621 [ 3 ] Bug #2305286 - CVE-2024-42472 flatpak: Access to files outside sandbox for apps using persistent= (--persist) [fedora-39] https://bugzilla.redhat.com/show_bug.cgi?id=2305286
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-03fd821ae2' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
PREVIOUS 
NEXT Name: flatpak
Product: Fedora 39
Version: 1.15.10
Release: 1.fc39
URL: https://flatpak.org/
Summary: Application deployment framework for desktop apps
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!