ALSA-2024:6422

[ALSA-2024:6422] Important: bubblewrap and flatpak security update

Type:

security

Severity:

important

Release date:

2024-09-06

Description:

Bubblewrap (/usr/bin/bwrap) is a core execution engine for unprivileged containers that works as a setuid binary on kernels without user namespaces.

Security Fix(es):

* flatpak: Access to files outside sandbox for apps using persistent= (--persist) (CVE-2024-42472)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	flatpak-devel-1.12.9-3.el8_10.aarch64.rpm	32b4e255b1f52e31347784689f91e71bd4a287aba32823fab92d9f9a38e1585d
aarch64	bubblewrap-0.4.0-2.el8_10.aarch64.rpm	85405a51a7efaba00817e6e0b593be00c6a663eef45eaa751f8a38374f10c20a
aarch64	flatpak-session-helper-1.12.9-3.el8_10.aarch64.rpm	887580cd5747fed2507629b7414ee329e847872eda47ed258f97bcd9bf9dbc61
aarch64	flatpak-1.12.9-3.el8_10.aarch64.rpm	be8790b48b80303df072c9a8f812a83d89f605c75b72f5f5e2eb2b63100fcbaa
aarch64	flatpak-libs-1.12.9-3.el8_10.aarch64.rpm	c719ccc759cb072dd0b0b68eed13725d7525ede796f778972d75dc1edc8bcadc
i686	flatpak-libs-1.12.9-3.el8_10.i686.rpm	61ee64e17c7f269a63735f37f9ccff605c9970638066fcb9150f569ad0923305
i686	flatpak-session-helper-1.12.9-3.el8_10.i686.rpm	993e76b945e3f81cd5acba1e40c2620344a832294aa6dec233d64ee21a198698
i686	flatpak-devel-1.12.9-3.el8_10.i686.rpm	bf1a64207ca5954659857b136ec0508581f63f9ed2f6fd924dbca82234663fb4
i686	flatpak-1.12.9-3.el8_10.i686.rpm	c9aecc2a9607145f0f5a8004492e11141922720fa260df571a84fd31141d65b0
noarch	flatpak-selinux-1.12.9-3.el8_10.noarch.rpm	d84fc2962dc7cbe277bf16894675e52a94555cf694d9273b1743aaf7c371adaf
ppc64le	flatpak-devel-1.12.9-3.el8_10.ppc64le.rpm	354b3f5525d8a8c7faccf9cfcdb57827b91ec2e37b2e3b1f0951f6e36f5cec55
ppc64le	bubblewrap-0.4.0-2.el8_10.ppc64le.rpm	61cd736ab67b25a121d4d881e1655141e16998f810387f12ce95f0e717798846
ppc64le	flatpak-session-helper-1.12.9-3.el8_10.ppc64le.rpm	75a6f34761a5d583d0a465076d309cbae9e7137e7b612488ca64c9e2cfcc5d4a
ppc64le	flatpak-1.12.9-3.el8_10.ppc64le.rpm	77cf90f0409afb05740bafc3a9397aa0a7f34db557ce0a1913d92fcf61b4a88f
ppc64le	flatpak-libs-1.12.9-3.el8_10.ppc64le.rpm	aab09bb942abbc18178e012e06cb2a56374629918041da6ac7edf3af959c499b
s390x	flatpak-devel-1.12.9-3.el8_10.s390x.rpm	366cb55d10aa6d11c848f74ce38429b36a28fe5b98095e1b27cc177ad5391bbc
s390x	flatpak-libs-1.12.9-3.el8_10.s390x.rpm	5889ee1495c76235bc52165e5a67d18645c8ae1b8f127c22e31d565a3c97656e
s390x	bubblewrap-0.4.0-2.el8_10.s390x.rpm	5fd8de9029aed6562b89bfc34671df137f27efd77240241ace5dd8fcc595bf13
s390x	flatpak-1.12.9-3.el8_10.s390x.rpm	a62c19d4b1b705bb36dde36fb0c3ed76cb79b79c273a2b857bed3c450466435d
s390x	flatpak-session-helper-1.12.9-3.el8_10.s390x.rpm	c09125efd4c3c81498bfc91d6d3b31904ad152ffdebd3b64d28033c15c502e3e
x86_64	flatpak-libs-1.12.9-3.el8_10.x86_64.rpm	404290e4a27334da8f0555e9e97cbfab10873f10a2e117a3ab8eea62e71bc81e
x86_64	flatpak-1.12.9-3.el8_10.x86_64.rpm	4b15e7c9055df4f72ad75067e72f5410423b1e59f7c227955205515ca6dd15dd
x86_64	flatpak-session-helper-1.12.9-3.el8_10.x86_64.rpm	76756a75c1d1614b1300f55b459c6691f75230c677edaff8c0a5237b3041ed8e
x86_64	bubblewrap-0.4.0-2.el8_10.x86_64.rpm	d57bdbd34f4c967a7a8a62b882bb10499b2d6f34e1f7d24211d50ccfb6d6aade
x86_64	flatpak-devel-1.12.9-3.el8_10.x86_64.rpm	e7ead25d76edda73661e0cb364d6094d5020368b082a09a80fcfac42628d7610

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.