[Bug 1822024] Re: Sync flatpak 1.2.3-2 (universe) from Debian unstable (main) for CVE-2019-10063
Andrew Hayzen
1822024 at bugs.launchpad.net
Thu Mar 28 09:40:10 UTC 2019
If possible please sync 1.2.4-1 as this is the new upstream microrelease
with other fixes as well :-) Also note I am preparing the fix (1.0.8)
for bionic and cosmic in bug 1821811, I plan to be submitting this later
today. Thanks!
--
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1822024
Title:
Sync flatpak 1.2.3-2 (universe) from Debian unstable (main) for
CVE-2019-10063
Status in flatpak package in Ubuntu:
New
Bug description:
Please sync flatpak 1.2.3-2 (universe) from Debian unstable (main)
Changelog entries since current disco version 1.2.3-1:
flatpak (1.2.3-2) unstable; urgency=high
* seccomp: Reject all ioctls that the kernel will interpret as TIOCSTI,
including those where the high 32 bits in a 64-bit word are nonzero.
(Closes: #925541, CVE-2019-10063)
-- Simon McVittie <smcv at debian.org> Tue, 26 Mar 2019 20:38:36 +0000
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/flatpak/+bug/1822024/+subscriptions
More information about the Ubuntu-sponsors
mailing list