This bug was fixed in the package flatpak - 1.10.2-3ubuntu0.1 --------------- flatpak (1.10.2-3ubuntu0.1) impish-security; urgency=medium
* SECURITY UPDATE: Sandbox bypass via recent VFS-manipulating syscalls (LP: #1946578) - debian/paches/CVE-2021-41133-1.patch - debian/paches/CVE-2021-41133-2.patch - debian/paches/CVE-2021-41133-3.patch - debian/paches/CVE-2021-41133-4.patch - debian/paches/CVE-2021-41133-5.patch - debian/paches/CVE-2021-41133-6.patch - debian/paches/CVE-2021-41133-7.patch - debian/paches/CVE-2021-41133-8.patch - debian/paches/CVE-2021-41133-9.patch - debian/paches/CVE-2021-41133-10.patch - CVE-2021-41133 -- Andrew Hayzen <ahay...@ubuntu.com> Wed, 13 Oct 2021 00:36:35 +0100 ** Changed in: flatpak (Ubuntu Impish) Status: In Progress => Fix Released ** Changed in: flatpak (Ubuntu Hirsute) Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1946578 Title: Update for CVE-2021-41133 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/flatpak/+bug/1946578/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs