[Pkg-utopia-maintainers] Bug#980323: flatpak: LD_LIBRARY_PATH is not set under flatpak-builder
Simon McVittie
smcv at debian.org
Thu Jan 21 18:25:25 GMT 2021
On Thu, 21 Jan 2021 at 17:51:34 +0000, Simon McVittie wrote:
> Security team: this is a regression in DSA 4830-1 (CVE-2021-21261), now
> fixed upstream in 1.10.1 and backported to 1.2.x. In addition to the
> regression that was reported in #980323, I looked at similar code paths
> and fixed an equivalent regression elsewhere. It's a 2-line change
> (I'll follow up with the full debdiff, which is rather larger due to
> patch headers and changelog). Do you want a DSA 4830-2 to fix this?
Here's the proposed source debdiff.
I've assumed that urgency=medium genuinely *is* what I want this time :-)
smcv
-------------- next part --------------
A non-text attachment was scrubbed...
Name: flatpak_1.2.5-0+deb10u3.diff
Type: text/x-diff
Size: 6209 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-utopia-maintainers/attachments/20210121/3abf904d/attachment.diff>
More information about the Pkg-utopia-maintainers
mailing list