Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP2:Update
patchinfo.28336
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.28336
<patchinfo incident="28336"> <issue tracker="bnc" id="1209410">VUL-0: CVE-2023-28101: flatpak: Metadata with ANSI control codes can cause misleading terminal output</issue> <issue tracker="bnc" id="1209411">VUL-0: CVE-2023-28100: flatpak: TIOCLINUX can send commands outside sandbox if running on a virtual console</issue> <issue tracker="cve" id="2023-28101"/> <issue tracker="cve" id="2023-28100"/> <packager>JonathanKang</packager> <rating>important</rating> <category>security</category> <summary>Security update for flatpak</summary> <description>This update for flatpak fixes the following issues: - CVE-2023-28101: Fixed misleading terminal output with metadata with ANSI control codes (bsc#1209410). - CVE-2023-28100: Fixed unsandboxed TIOCLINUX commands (bsc#1209411). Update to version 1.10.8: - If an app update is blocked by parental controls policies, clean up the temporary deploy directory - Fix Autotools build with versions of gpgme that no longer provide gpgme-config(1) - Fix regressions in `flatpak history` since 1.9.1 + Don't display the appstream branch used internally + Don't display temporary repositories used internally + Ignore transaction log entries with empty REF field + Warn instead of failing if other non-app, non-runtime refs are found + Don't set up an unnecessary polkit agent for `flatpak history` + Add test coverage - Fix a typo in an error message - Fix incorrect year in NEWS for 1.10.7 release - Translation update: pl - Add test coverage for Flatpak's seccomp filters </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor