flatpak (0.6.11-1ubuntu0.16.10.0) yakkety-security; urgency=medium
* SECURITY UPDATE: bubblewrap escape via TIOCSTI ioctl (LP: #1657357)
- Fixed in d/p/Use-seccomp-to-filter-out-TIOCSTI-ioctl.patch:
Add patch from upstream 0.8.1 to prevent contained apps from using
TIOCSTI ioctl. This would let the app inject commands into the
terminal from which it was invoked. Prevent the attack here
by using seccomp to filter out TIOCSTI ioctl.
- CVE-2017-5226
* SECURITY UPDATE: Prevent writing to per-user installed fonts and
Flatpak extensions (typically locales)
- Fixed in d/p/Make-sure-all-mounted-sources-are-read-only.patch:
Add patch from upstream 0.8.2
Date: 2017-02-07 07:15:14.548555+00:00
Changed-By: Jeremy Bicha <[email protected]>
Signed-By: Ubuntu Archive Robot
<[email protected]>
https://launchpad.net/ubuntu/+source/flatpak/0.6.11-1ubuntu0.16.10.0
Sorry, changesfile not available.
--
Yakkety-changes mailing list
[email protected]
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/yakkety-changes
