CVE-2022-21682 flatpak-builder can access files outside the build directory.

Flatpak is a Linux application sandboxing and distribution framework. A path traversal vulnerability affects versions of Flatpak prior to 1.12.3 and 1.10.6. flatpak-builder applies finish-args last in the build. At this point the build directory will have the full access that is specified in the...

firefox security update

78.4.1-1.0.1 - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 78.4.1-1 - Update to 78.4.1 78.4.0-3 - Fixing flatpak build, fixing firefox.sh.in to not disable langpacks loading 78.4.0-2 - Enable addon sideloading 78.4.0-1 - Update to...