Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Fedora 40: FEDORA-2024-7b8a05a5d1 Critical: Flatpak Access Control Issue

fedora
Calendar Grey September 3, 2024
Dist Fedora Esm H88
Debian 12 flatpak release 1.15.12 resolves a significant vulnerability. Ensure your environment is protected with this announcement.
Update to 1.15.10 (CVE-2024-42472)

Summary

flatpak is a system for building, distributing and running sandboxed desktop

applications on Linux. See https://wiki.gnome.org/Projects/SandboxedApps for

more information.

Update Information:

Update to 1.15.10 (CVE-2024-42472)

Topics%20covered

Topics Covered

security advisory Fedora access control application update flatpak

Change Log

* Fri Aug 30 2024 Kalev Lember - 1.15.10-1 - Update to 1.15.10 (#2299621) * Wed Jul 17 2024 Fedora Release Engineering - 1.15.8-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild

References


[ 1 ] Bug #2299621 - flatpak-1.15.10 is available https://bugzilla.redhat.com/show_bug.cgi?id=2299621 [ 2 ] Bug #2305287 - CVE-2024-42472 flatpak: Access to files outside sandbox for apps using persistent= (--persist) [fedora-40] https://bugzilla.redhat.com/show_bug.cgi?id=2305287

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-7b8a05a5d1' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: flatpak
Product: Fedora 40
Version: 1.15.10
Release: 1.fc40
URL: https://flatpak.org/
Summary: Application deployment framework for desktop apps

Topics%20covered

Topics Covered

security advisory Fedora access control application update flatpak

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here