This bug was fixed in the package flatpak - 1.6.5-0ubuntu0.4 --------------- flatpak (1.6.5-0ubuntu0.4) focal-security; urgency=medium
* SECURITY UPDATE: Sandbox bypass via recent VFS-manipulating syscalls (LP: #1946578) - debian/paches/CVE-2021-41133-1.patch - debian/paches/CVE-2021-41133-2.patch - debian/paches/CVE-2021-41133-3.patch - debian/paches/CVE-2021-41133-4.patch - debian/paches/CVE-2021-41133-5.patch - debian/paches/CVE-2021-41133-6.patch - debian/paches/CVE-2021-41133-7.patch - debian/paches/CVE-2021-41133-8.patch - debian/paches/CVE-2021-41133-9.patch - debian/paches/CVE-2021-41133-10.patch - CVE-2021-41133 -- Andrew Hayzen <ahay...@ubuntu.com> Wed, 13 Oct 2021 00:36:35 +0100 ** Changed in: flatpak (Ubuntu Bionic) Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to flatpak in Ubuntu. https://bugs.launchpad.net/bugs/1946578 Title: Update for CVE-2021-41133 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/flatpak/+bug/1946578/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs