[Git][security-tracker-team/security-tracker][master] Add new flatpak issue
Salvatore Bonaccorso
carnil at debian.org
Thu Jan 14 09:21:47 GMT 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
6206ee83 by Salvatore Bonaccorso at 2021-01-14T10:21:22+01:00
Add new flatpak issue
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,18 @@
+CVE-2021-XXXX [Flatpak sandbox escape via spawn portal]
+ - flatpak <unfixed>
+ NOTE: https://github.com/flatpak/flatpak/security/advisories/GHSA-4ppf-fxf6-vxg2
+ NOTE: https://github.com/flatpak/flatpak/commit/6d1773d2a54dde9b099043f07a2094a4f1c2f486
+ NOTE: https://github.com/flatpak/flatpak/commit/821249844bbb7e52cbf4508b4de18c05e8592220
+ NOTE: https://github.com/flatpak/flatpak/commit/6e5ae7a109cdfa9735ea7ccbd8cb79f9e8d3ae8b
+ NOTE: https://github.com/flatpak/flatpak/commit/aeb6a7ab0abaac4a8f4ad98b3df476d9de6b8bd4
+ NOTE: https://github.com/flatpak/flatpak/commit/39a5621e6941b9d27bf89b63e8fb6cad6e279e53
+ NOTE: https://github.com/flatpak/flatpak/commit/cc1401043c075268ecc652eac557ef8076b5eaba
+ NOTE: https://github.com/flatpak/flatpak/commit/d19f6c330aa42e17df6dc36d12b6f4dfa507dbb3
+ NOTE: https://github.com/flatpak/flatpak/commit/4ac11066908ddb62a456c8dbdfa11cce643e9e11
+ NOTE: https://github.com/flatpak/flatpak/commit/e2c4ded323161f47609d0af97d00019d04a635f1
+ NOTE: https://github.com/flatpak/flatpak/commit/b0aea9c0533f8338ead9acb8dd2a65e6339b9a99
+ NOTE: https://github.com/flatpak/flatpak/commit/4108e022452303093d8b90c838695a0476cb09c7
+ NOTE: https://github.com/flatpak/flatpak/commit/c4a58d5822e86f82bbf9e2e7702153a51cc6841b
CVE-2021-3146
RESERVED
CVE-2021-3145
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6206ee83a4b18916a6f0a82d0c4f9e411838b4f3
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6206ee83a4b18916a6f0a82d0c4f9e411838b4f3
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210114/9d6d66ff/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list