[Git][security-tracker-team/security-tracker][master] Add CVE-2022-21682/flatpak
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Jan 13 20:20:57 GMT 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2eb9fc73 by Salvatore Bonaccorso at 2022-01-13T21:20:33+01:00
Add CVE-2022-21682/flatpak
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -9866,8 +9866,12 @@ CVE-2022-21684
RESERVED
CVE-2022-21683
RESERVED
-CVE-2022-21682
+CVE-2022-21682 [flatpak-builder --mirror-screenshots-url can access files outside the build directory]
RESERVED
+ - flatpak 1.12.3-1
+ NOTE: https://github.com/flatpak/flatpak/security/advisories/GHSA-8ch7-5j3h-g4fx
+ NOTE: https://github.com/flatpak/flatpak/commit/445bddeee657fdc8d2a0a1f0de12975400d4fc1a
+ NOTE: Documentation: https://github.com/flatpak/flatpak/commit/4d11f77aa7fd3e64cfa80af89d92567ab9e8e6fa
CVE-2022-21681
RESERVED
CVE-2022-21680
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2eb9fc734b1616928e9edb062ae07fd414070347
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2eb9fc734b1616928e9edb062ae07fd414070347
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220113/b3b68a76/attachment.htm>
More information about the debian-security-tracker-commits
mailing list