flatpak security, bug fix, and enhancement update

2024-05-1014:32:38

Rockylinux Product Errata

errata.rockylinux.org

flatpak

security fixes

enhancement

rocky linux 9

cve list

cvss score

upstream version

tioclinux

metadata

ansi control codes

10 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

7.3 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

35.8%

JSON

An update is available for flatpak.
This update affects Rocky Linux 9.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux.

The following packages have been upgraded to a later upstream version: flatpak (1.12.8). (BZ#2221792)

Security Fix(es):

flatpak: TIOCLINUX can send commands outside sandbox if running on a virtual console (CVE-2023-28100)
flatpak: Metadata with ANSI control codes can cause misleading terminal output (CVE-2023-28101)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Rocky Linux 9.3 Release Notes linked from the References section.

OSVersionArchitecturePackageVersionFilename
rocky9aarch64flatpak< 1.12.8-1.el9flatpak-0:1.12.8-1.el9.aarch64.rpm
rocky9i686flatpak< 1.12.8-1.el9flatpak-0:1.12.8-1.el9.i686.rpm
rocky9ppc64leflatpak< 1.12.8-1.el9flatpak-0:1.12.8-1.el9.ppc64le.rpm
rocky9s390xflatpak< 1.12.8-1.el9flatpak-0:1.12.8-1.el9.s390x.rpm
rocky9x86_64flatpak< 1.12.8-1.el9flatpak-0:1.12.8-1.el9.x86_64.rpm
rocky9aarch64flatpak-debuginfo< 1.12.8-1.el9flatpak-debuginfo-0:1.12.8-1.el9.aarch64.rpm
rocky9ppc64leflatpak-debuginfo< 1.12.8-1.el9flatpak-debuginfo-0:1.12.8-1.el9.ppc64le.rpm
rocky9s390xflatpak-debuginfo< 1.12.8-1.el9flatpak-debuginfo-0:1.12.8-1.el9.s390x.rpm
rocky9x86_64flatpak-debuginfo< 1.12.8-1.el9flatpak-debuginfo-0:1.12.8-1.el9.x86_64.rpm
rocky9aarch64flatpak-debugsource< 1.12.8-1.el9flatpak-debugsource-0:1.12.8-1.el9.aarch64.rpm

OS	Version	Architecture	Package	Version	Filename
rocky	9	aarch64	flatpak	< 1.12.8-1.el9	flatpak-0:1.12.8-1.el9.aarch64.rpm
rocky	9	i686	flatpak	< 1.12.8-1.el9	flatpak-0:1.12.8-1.el9.i686.rpm
rocky	9	ppc64le	flatpak	< 1.12.8-1.el9	flatpak-0:1.12.8-1.el9.ppc64le.rpm
rocky	9	s390x	flatpak	< 1.12.8-1.el9	flatpak-0:1.12.8-1.el9.s390x.rpm
rocky	9	x86_64	flatpak	< 1.12.8-1.el9	flatpak-0:1.12.8-1.el9.x86_64.rpm
rocky	9	aarch64	flatpak-debuginfo	< 1.12.8-1.el9	flatpak-debuginfo-0:1.12.8-1.el9.aarch64.rpm
rocky	9	ppc64le	flatpak-debuginfo	< 1.12.8-1.el9	flatpak-debuginfo-0:1.12.8-1.el9.ppc64le.rpm
rocky	9	s390x	flatpak-debuginfo	< 1.12.8-1.el9	flatpak-debuginfo-0:1.12.8-1.el9.s390x.rpm
rocky	9	x86_64	flatpak-debuginfo	< 1.12.8-1.el9	flatpak-debuginfo-0:1.12.8-1.el9.x86_64.rpm
rocky	9	aarch64	flatpak-debugsource	< 1.12.8-1.el9	flatpak-debugsource-0:1.12.8-1.el9.aarch64.rpm