[Git][security-tracker-team/security-tracker][master] Reference upstream commits for flatpak issue
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Oct 12 20:34:18 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
dfc2c282 by Salvatore Bonaccorso at 2021-10-12T21:33:13+02:00
Reference upstream commits for flatpak issue
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -351,6 +351,17 @@ CVE-2021-41133 (Flatpak is a system for building, distributing, and running sand
NOTE: https://github.com/flatpak/flatpak/security/advisories/GHSA-67h7-w3jq-vh4q
NOTE: Sourcewise fixed in 1.12.0-1 already, but 1.12.1-1 adds stricter dependency
NOTE: to libseccomp 2.5.2 so that CVE-2021-41133 is fully prevented.
+ NOTE: https://github.com/flatpak/flatpak/commit/e26ac7586c392b5eb35ff4609fe232c52523b2cf
+ NOTE: https://github.com/flatpak/flatpak/commit/89ae9fe74c6d445bb1b3a40e568d77cf5de47e48
+ NOTE: https://github.com/flatpak/flatpak/commit/26b12484eb8a6219b9e7aa287b298a894b2f34ca
+ NOTE: https://github.com/flatpak/flatpak/commit/a10f52a7565c549612c92b8e736a6698a53db330
+ NOTE: https://github.com/flatpak/flatpak/commit/9766ee05b1425db397d2cf23afd24c7f6146a69f
+ NOTE: https://github.com/flatpak/flatpak/commit/4c34815784e9ffda5733225c7d95824f96375e36
+ NOTE: https://github.com/flatpak/flatpak/commit/1330662f33a55e88bfe18e76de28b7922d91a999
+ NOTE: https://github.com/flatpak/flatpak/commit/462fca2c666e0cd2b60d6d2593a7216a83047aaf
+ NOTE: Regression followups:
+ NOTE: https://github.com/flatpak/flatpak/commit/d419fa67038370e4f4c3ce8c3b5f672d4876cfc8
+ NOTE: https://github.com/flatpak/flatpak/commit/3fc8c672676ae016f8e7cc90481b2feecbad9861
CVE-2021-42100
RESERVED
CVE-2021-42099
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dfc2c282a967179e94bf22b6e45bd400c2e61f9d
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dfc2c282a967179e94bf22b6e45bd400c2e61f9d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211012/73338549/attachment.htm>
More information about the debian-security-tracker-commits
mailing list