ALSA-2024:6356

[ALSA-2024:6356] Important: bubblewrap and flatpak security update

Type:

security

Severity:

important

Release date:

2024-09-05

Description:

Bubblewrap (/usr/bin/bwrap) is a core execution engine for unprivileged containers that works as a setuid binary on kernels without user namespaces.

Security Fix(es):

* flatpak: Access to files outside sandbox for apps using persistent= (--persist) (CVE-2024-42472)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	bubblewrap-0.4.1-7.el9_4.alma.1.aarch64.rpm	2a5c8e422e42eab27b1af5c71d311462b25f40372e6ae288e400b1b5a3d20915
aarch64	flatpak-session-helper-1.12.9-3.el9_4.aarch64.rpm	b18676d7a096f31662f0d198e1ee23f2c69f9f880b768ba6010aa7cdc9a36d56
aarch64	flatpak-libs-1.12.9-3.el9_4.aarch64.rpm	d237997d3ebdb61d85f49f4393cffcf12c392b6fbbad092221cc7f5e8ccbd754
aarch64	flatpak-1.12.9-3.el9_4.aarch64.rpm	e17c22e38b2a418aa54399f6f3020567027cfd69f3fa2efd739db05e5f0a4eda
aarch64	flatpak-devel-1.12.9-3.el9_4.aarch64.rpm	fdf42c339826cd9ea8e2c18c8842bca7b23429d1da92f0d26c272329a6555500
i686	flatpak-session-helper-1.12.9-3.el9_4.i686.rpm	10ed413f8b61555e4ac8d50ad19ba04114baf5b7787a42de738fa508035f61b9
i686	flatpak-devel-1.12.9-3.el9_4.i686.rpm	653b683e4461db2cfad73e29dd2bc15bea83fbc1016bd8fcd237eaa781d8cb72
i686	flatpak-1.12.9-3.el9_4.i686.rpm	68bd6b216be00546c4696a9ba3dc48867c5168b674b4905471d8ce5a6de02b7a
i686	flatpak-libs-1.12.9-3.el9_4.i686.rpm	b7d1763a784c2223dc8e7a2ec3bcb7f1e8cd214138930227f027690198bed714
noarch	flatpak-selinux-1.12.9-3.el9_4.noarch.rpm	7e2b017a0ca2293f95a3bb3e8e7162e4f52deabe086853c3704c4fd5c5048d1e
ppc64le	flatpak-devel-1.12.9-3.el9_4.ppc64le.rpm	59b5f99388c676a382ff078ecadbbe7e97ac304a055e31d3a17c92dc4279d04f
ppc64le	flatpak-libs-1.12.9-3.el9_4.ppc64le.rpm	7acfddc23ca92c63db5054cf26504f1fc1519e0da0a360cb6c85a09a753fd5f7
ppc64le	flatpak-session-helper-1.12.9-3.el9_4.ppc64le.rpm	e97082324ac87525540262ce475d8cb7ea6b3ce46411dffd9c5eb4431623b824
ppc64le	bubblewrap-0.4.1-7.el9_4.alma.1.ppc64le.rpm	f87b7a597f6947fa306bea83a3045ead113e5a51506749c2e51eec465f403ffb
ppc64le	flatpak-1.12.9-3.el9_4.ppc64le.rpm	f9eda5376f7db579990ea9524cf95d71dcc31e5283e5a42c98a5fe324a6645bb
s390x	flatpak-session-helper-1.12.9-3.el9_4.s390x.rpm	4dca9ab068ffacc00bd7e1236882d17c494ba792a98ca1fe5da7420772adf572
s390x	flatpak-1.12.9-3.el9_4.s390x.rpm	57f82acad52a8c6800f53a1e0189298e47e6a9a3ecbfc191d26080519bcf7091
s390x	flatpak-libs-1.12.9-3.el9_4.s390x.rpm	aacd40b255034e3da04ac9a4efc5cb675dc07011fd189a889a257ff40087f311
s390x	bubblewrap-0.4.1-7.el9_4.alma.1.s390x.rpm	b00838b9a97c5dd97b0e896166b35a201d9b180809987333027943524422f410
s390x	flatpak-devel-1.12.9-3.el9_4.s390x.rpm	de78ab298f6f8bac40874e1cc8e7ac8b867105e881f0baeafb5c118a646e11c6
x86_64	flatpak-devel-1.12.9-3.el9_4.x86_64.rpm	28774ad1da0cc77405c43b2aac91f5c39bed8d66ff3d82f8c94eb11ff29731b8
x86_64	flatpak-libs-1.12.9-3.el9_4.x86_64.rpm	72f7bec88671bf52051d263b0608d1aa98e97e1606fcca2b5b0b4259b203dbd9
x86_64	flatpak-session-helper-1.12.9-3.el9_4.x86_64.rpm	9c78e23a94820a8782a735f01bf0cfac2da1039569c1e2396400dc44fde5c5b3
x86_64	flatpak-1.12.9-3.el9_4.x86_64.rpm	e210f04eaaa44fed4a65623dd3f987b4364b937830530a6eb5a3644d0279bf46
x86_64	bubblewrap-0.4.1-7.el9_4.alma.1.x86_64.rpm	ee649f893b4d60520bff15674ad68773f2379bb9a32de59f943993935ff2c57a

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.