——————————————————————————–
Fedora Update Notification
FEDORA-2018-b5ecac9405
2018-02-06 10:46:27.958567
——————————————————————————–
Name : flatpak
Product : Fedora 26
Version : 0.10.3
Release : 1.fc26
URL : http://flatpak.org/
Summary : Application deployment framework for desktop apps
Description :
flatpak is a system for building, distributing and running sandboxed desktop
applications on Linux. See https://wiki.gnome.org/Projects/SandboxedApps for
more information.
——————————————————————————–
Update Information:
This is a security fix release that fixes a sandbox escape in the flatpak dbus
proxy. This issue was found by Gabriel Campana of The Google Security Team.
Major changes in 0.10.3 * Fix dbus proxy vulnerability in authentication phase
* Make permission handling ignore unknown permissions for forwards
compatibility * Removed incorrect error message in update –appdata when ther
was no updates * Fix handling of abort in the duplicate remote prompt * Fix
division by zero in progress calculation * Fix flatpak remote-info –show-
metadata
——————————————————————————–
This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade flatpak’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
——————————————————————————–
Fedora Update Notification
FEDORA-2018-bd651734da
2018-02-06 15:24:55.359844
——————————————————————————–
Name : flatpak
Product : Fedora 27
Version : 0.10.3
Release : 1.fc27
URL : http://flatpak.org/
Summary : Application deployment framework for desktop apps
Description :
flatpak is a system for building, distributing and running sandboxed desktop
applications on Linux. See https://wiki.gnome.org/Projects/SandboxedApps for
more information.
——————————————————————————–
Update Information:
This is a security fix release that fixes a sandbox escape in the flatpak dbus
proxy. This issue was found by Gabriel Campana of The Google Security Team.
Major changes in 0.10.3 * Fix dbus proxy vulnerability in authentication phase
* Make permission handling ignore unknown permissions for forwards
compatibility * Removed incorrect error message in update –appdata when ther
was no updates * Fix handling of abort in the duplicate remote prompt * Fix
division by zero in progress calculation * Fix flatpak remote-info –show-
metadata
——————————————————————————–
This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade flatpak’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org