openSUSE Security Update : flatpak (openSUSE-2018-139)

This update for flatpak to version 0.8.9 fixes security issues and bugs. The following vulnerabilities were fixed : - CVE-2018-6560: sandbox escape in the flatpak dbus proxy boo1078923 - CVE-2017-9780: Malicious apps could have included inappropriate permissions boo1078989 - old-style eavesdroppi...

Fedora Update for flatpak FEDORA-2017-6b1f07acd9

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 24 : flatpak (2017-6b1f07acd9)

Security fix for CVE-2017-9780 Update to 0.8.7 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

[SECURITY] [DSA 3895-1] flatpak security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3895-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 22, 2017 https://www.debian.org/security/faq -...

CVE-2017-9780

CVE-2017-9780 affects Flatpak prior to 0.8.7. A third‑party app repository could supply malicious apps with files that have insecure permissions (e.g., setuid or world‑writeable), causing deployed files to run with elevated privileges or write to world‑writable locations. The worst‑case involves ...