![]() Remove some unreachable code (Coverity: CID 1514265).Fix Autotools build with versions of gpgme that no longer provide gpgme-config(1) ( #5173).If an app update is blocked by parental controls policies, clean up the temporary deploy directory ( #5146).Update the SELinux module to explicitly permit the system helper have read access to /etc/passwd and systemd-userdbd, read and lock access to /var/lib/flatpak, and watch files inside $libexecdir ( #4852, #4855, #4892 Red Hat #2071217, #2071215, #2070741, #2053634, #2070350).Note that this is specific to virtual consoles: Flatpak is not vulnerable to this if run from a graphical terminal emulator such as xterm, gnome-terminal or Konsole. ![]() If a Flatpak app is run on a Linux virtual console (tty1, tty2, etc.), don't allow copy/paste via the TIOCLINUX ioctl (CVE-2023-28100). Escape special characters when displaying permissions and metadata, preventing malicious apps from manipulating the appearance of the permissions list using crafted metadata (CVE-2023-28101).
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |