ALSA-2021:4042

[ALSA-2021:4042] Important: flatpak security update

Type:

security

Severity:

important

Release date:

2021-11-12

Description:

Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux.

Security Fix(es):

* flatpak: Sandbox bypass via recent VFS-manipulating syscalls (CVE-2021-41133)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

CVE-2021-41133

Updated packages listed below:

Architecture	Package	Checksum
i686	flatpak-libs-1.8.5-4.el8_4.i686.rpm	a9f51a5dd9a130ef7fafd68a46e1a064a8654f0450c3ad7f34b03b397fa22b5c
noarch	flatpak-selinux-1.8.5-4.el8_4.noarch.rpm	12c706c454eb2bfa2721fcaae4aed5e1e0cf5adf83696953a2c7ed5a4fb6d021
x86_64	flatpak-libs-1.8.5-4.el8_4.x86_64.rpm	14b4dac161ff1447abd77453378f49fdfa9d94582edc3bbd3a1aee1c91aa20cd
x86_64	flatpak-1.8.5-4.el8_4.x86_64.rpm	d3fa8d29b919846c5091b1ffc729b3c417349fb6a176eee3f4c0e9b41918adce
x86_64	flatpak-session-helper-1.8.5-4.el8_4.x86_64.rpm	d861d5a05350a9ce06f7b163d824250360c74c5ff339679979d2615c495308c7

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.