*** This bug is a security vulnerability ***
Public security bug reported:
Please sync flatpak 1.2.3-2 (universe) from Debian unstable (main)
Changelog entries since current disco version 1.2.3-1:
flatpak (1.2.3-2) unstable; urgency=high
* seccomp: Reject all ioctls that the kernel will interpret as TIOCSTI,
including those where the high 32 bits in a 64-bit word are nonzero.
(Closes: #925541, CVE-2019-10063)
-- Simon McVittie <[email protected]> Tue, 26 Mar 2019 20:38:36 +0000
** Affects: flatpak (Ubuntu)
Importance: Undecided
Status: New
** Summary changed:
- Sync flatpak 1.2.3-2 (universe) from Debian unstable (main)
+ Sync flatpak 1.2.3-2 (universe) from Debian unstable (main) for CVE-2019-10063
** Information type changed from Public to Public Security
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1822024
Title:
Sync flatpak 1.2.3-2 (universe) from Debian unstable (main) for
CVE-2019-10063
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/flatpak/+bug/1822024/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
