[Git][security-tracker-team/security-tracker][master] Add CVE-2022-21682/flatpak

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Jan 13 20:20:57 GMT 2022



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2eb9fc73 by Salvatore Bonaccorso at 2022-01-13T21:20:33+01:00
Add CVE-2022-21682/flatpak

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -9866,8 +9866,12 @@ CVE-2022-21684
 	RESERVED
 CVE-2022-21683
 	RESERVED
-CVE-2022-21682
+CVE-2022-21682 [flatpak-builder --mirror-screenshots-url can access files outside the build directory]
 	RESERVED
+	- flatpak 1.12.3-1
+	NOTE: https://github.com/flatpak/flatpak/security/advisories/GHSA-8ch7-5j3h-g4fx
+	NOTE: https://github.com/flatpak/flatpak/commit/445bddeee657fdc8d2a0a1f0de12975400d4fc1a
+	NOTE: Documentation: https://github.com/flatpak/flatpak/commit/4d11f77aa7fd3e64cfa80af89d92567ab9e8e6fa
 CVE-2022-21681
 	RESERVED
 CVE-2022-21680



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2eb9fc734b1616928e9edb062ae07fd414070347

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2eb9fc734b1616928e9edb062ae07fd414070347
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220113/b3b68a76/attachment.htm>


More information about the debian-security-tracker-commits mailing list