You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa flatpak

Sigurnosni nedostaci programskog paketa flatpak

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

——————————————————————————–
Fedora Update Notification
FEDORA-2018-b5ecac9405
2018-02-06 10:46:27.958567
——————————————————————————–

Name : flatpak
Product : Fedora 26
Version : 0.10.3
Release : 1.fc26
URL : http://flatpak.org/
Summary : Application deployment framework for desktop apps
Description :
flatpak is a system for building, distributing and running sandboxed desktop
applications on Linux. See https://wiki.gnome.org/Projects/SandboxedApps for
more information.

——————————————————————————–
Update Information:

This is a security fix release that fixes a sandbox escape in the flatpak dbus
proxy. This issue was found by Gabriel Campana of The Google Security Team.
Major changes in 0.10.3 * Fix dbus proxy vulnerability in authentication phase
* Make permission handling ignore unknown permissions for forwards
compatibility * Removed incorrect error message in update –appdata when ther
was no updates * Fix handling of abort in the duplicate remote prompt * Fix
division by zero in progress calculation * Fix flatpak remote-info –show-
metadata
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade flatpak’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2018-bd651734da
2018-02-06 15:24:55.359844
——————————————————————————–

Name        : flatpak
Product     : Fedora 27
Version     : 0.10.3
Release     : 1.fc27
URL         : http://flatpak.org/
Summary     : Application deployment framework for desktop apps
Description :
flatpak is a system for building, distributing and running sandboxed desktop
applications on Linux. See https://wiki.gnome.org/Projects/SandboxedApps for
more information.

——————————————————————————–
Update Information:

This is a security fix release that fixes a sandbox escape in the flatpak dbus
proxy. This issue was found by Gabriel Campana of The Google Security Team.
Major changes in 0.10.3   * Fix dbus proxy vulnerability in authentication phase
* Make permission handling ignore unknown permissions for forwards
compatibility  * Removed incorrect error message in update –appdata when ther
was no updates  * Fix handling of abort in the duplicate remote prompt  * Fix
division by zero in progress calculation  * Fix flatpak remote-info –show-
metadata
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade flatpak’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

AutorPetar Bertok
Cert idNCERT-REF-2018-02-0039-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
Izvorhttp://www.adobe.com/
Top
More in Preporuke
Sigurnosni nedostaci programskog paketa clamav

Otkriveni su sigurnosni nedostaci u programskom paketu clamav za operacijski sustav Fedora. Otkriveni nedostaci potencijalnim napadačima omogućuju izvođenje napada uskraćivanja...

Close