11 matches found
OPENSUSE-SU-2026:20811-1 Security update for bubblewrap
This update for bubblewrap fixes the following issue - CVE-2026-41163: improper process attachment via ptrace can lead to arbitrary privileged operations and local root escalation bsc1263113...
MiracleLinux 7 : flatpak-1.0.9-13.0.1.el7.AXS7 (AXSA:2024-8901:07)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8901:07 advisory. CVE-2024-42472: access to files outside sandbox for apps using persistent directories CVEs: CVE-2024-42472 Flatpak is a Linux application sandboxing and...
MGASA-2025-0303 Updated flatpak & bubblewrap packages fix security vulnerability
Flatpak may allow access to files outside sandbox for certain apps. CVE-2024-42472...
Updated flatpak & bubblewrap packages fix security vulnerability
Flatpak may allow access to files outside sandbox for certain apps. CVE-2024-42472...
Advisory ROSA-SA-2025-2837
Software: bubblewrap 0.4.0 OS: ROSA Virtualization 2.1 packageevrstring: bubblewrap-0.4.0-2.rv3 CVE-ID: CVE-2024-42472 BDU-ID: 2024-06671 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Flatpak application and environment management tool is related to improper neutralization of special output...
[SECURITY] [DLA 4099-1] flatpak security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-4099-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk March 31, 2025 https://wiki.debian.org/LTS -...
SUSE SLED15: bubblewrap / bubblewrap-zsh-completion / flatpak / flatpak-devel / etc (SUSE-SU-SUSE-RU-2025:0145-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-SUSE-RU-2025:0145-1 advisory. This update for bubblewrap, flatpak updates flatpak to 1.16.0. flatpak changes: - Update...
SUSE-RU-2025:0145-1 Recommended update for bubblewrap, flatpak, wayland-protocols
This update for bubblewrap, flatpak updates flatpak to 1.16.0. flatpak changes: - Update to version 1.16.0: + Bug fixes: - Update libglnx to 2024-12-06: . Fix an assertion failure if creating a parent directory encounters a dangling symlink. . Fix a Meson warning. . Don't emit terminal progress...
Important: bubblewrap
Issue Overview: A sandbox escape vulnerability was found in Flatpak due to a symlink-following issue when mounting persistent directories. This flaw allows a local user or attacker to craft a symbolic link that can bypass the intended restrictions, enabling access to and modification of files...
OPENSUSE-SU-2019:1535-1 Security update for bubblewrap
This update for bubblewrap to version 0.3.3 fixes the following issue: Security issue fixed: - CVE-2019-12439: Fixed a temporary directory misuse as mount point which could have allowed local user to prevent others from running bubblewrap...
[SECURITY] Fedora 30 Update: bubblewrap-0.3.3-2.fc30
Bubblewrap /usr/bin/bwrap is a core execution engine for unprivileged containers that works as a setuid binary on kernels without user namespaces...