drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen von Code mit höheren Privilegien in flatpak
Name: |
Ausführen von Code mit höheren Privilegien in flatpak |
|
ID: |
DSA-4868-1 |
|
Distribution: |
Debian |
|
Plattformen: |
Debian buster |
|
Datum: |
Sa, 13. März 2021, 00:20 |
|
Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21381 |
|
Applikationen: |
Flatpak |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
- ------------------------------------------------------------------------- Debian Security Advisory DSA-4868-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff March 12, 2021 https://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : flatpak CVE ID : CVE-2021-21381
Anton Lydike discovered that sandbox restrictions in Flatpak, an application deployment framework for desktop apps, could by bypassed via a malicious .desktop file.
For the stable distribution (buster), this problem has been fixed in version 1.2.5-0+deb10u4.
We recommend that you upgrade your flatpak packages.
For the detailed security status of flatpak please refer to its security tracker page at: https://security-tracker.debian.org/tracker/flatpak
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmBL3pkACgkQEMKTtsN8 TjaRXxAAhOmndiO/HWvXC95KQr+LinVmYTk3rdXQQ2NtLGCJwoSo8CY5Cs6P649h /nRAdNfjgfm40gVlOIIaI0v5pG7wTy4vTulwtRBbJ844wjuJEbTgsRPe2RIYIMLP sZDTG1be0k0X48JKavGehn4JqXe+GyF54+g0X1Mh34mG0e6LVdYriBy0nHS8/UHQ sI2S3ABS10zBz9nt+/CByvJabosPx4DaSMnWIHBanXFghu3TkhqVA/A1zX0VyZrT DN0oHTYtvV2gN+hFe6u128ANh1yfm6fVAIQ6z/BMvhwdjgDT23HUNDqnZG1Wdj5P LtICMy9ntBUF8Ho0oq8GguYY7AidUKzMqkd8UNufuM836mpy3YkCiVA76LHY0r4X 8VhpAsUyvdwS+enJ4q9SrvSfnlUKUG6032CPoC+UKqYwgaXtbEkcAvU1G2+WoiHW OhsFJTivFXB1cfZILU6FN8IvDJxKPJG7tnzFv8utYmiAkx1nIXdV/xTsaeEkgOPl s6zc4BVcx/CNgZYLRevoVN5sxG+Lo5hLj+Q4aqvWndXqEA3csDsMFD6sUBBTo5OW ee97tLVGMyK0mrN0akujpg3FrQOxcr0KmpBXATy2/4qbt/1waanMcSCJdup5C2p1 UkvOxgzS87GRL8O7gET8uPpk0T7zQ8pc/LeqoeshXqLS3kbe/iU= =oU5p -----END PGP SIGNATURE-----
|
|
|
|