Sicherheit: Ausführen beliebiger Kommandos in flatpak
Aktuelle Meldungen Distributionen
Name: Ausführen beliebiger Kommandos in flatpak
ID: FEDORA-2018-bd651734da
Distribution: Fedora
Plattformen: Fedora 27
Datum: Di, 6. Februar 2018, 19:06
Referenzen: Keine Angabe
Applikationen: flatpak


Fedora Update Notification
2018-02-06 15:24:55.359844

Name : flatpak
Product : Fedora 27
Version : 0.10.3
Release : 1.fc27
URL : http://flatpak.org/
Summary : Application deployment framework for desktop apps
Description :
flatpak is a system for building, distributing and running sandboxed desktop
applications on Linux. See https://wiki.gnome.org/Projects/SandboxedApps for
more information.

Update Information:

This is a security fix release that fixes a sandbox escape in the flatpak dbus
proxy. This issue was found by Gabriel Campana of The Google Security Team.
Major changes in 0.10.3 * Fix dbus proxy vulnerability in authentication
* Make permission handling ignore unknown permissions for forwards
compatibility * Removed incorrect error message in update --appdata when ther
was no updates * Fix handling of abort in the duplicate remote prompt * Fix
division by zero in progress calculation * Fix flatpak remote-info --show-

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade flatpak' at the command line.
For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Pro-Linux @Facebook
Neue Nachrichten