[Pkg-utopia-maintainers] Processed: Re: Bug#1132943: CVE-2026-34078: Sandbox escape involving symlinks passed to flatpak-portal
Debian Bug Tracking System
owner at bugs.debian.org
Tue Apr 7 23:33:04 BST 2026
Processing control commands:
> fixed 1132943 1.16.4-1
Bug #1132943 [flatpak] flatpak: CVE-2026-34078: Sandbox escape involving symlinks passed to flatpak-portal
There is no source info for the package 'flatpak' at version '1.16.4-1' with architecture ''
Unable to make a source version for version '1.16.4-1'
Marked as fixed in versions 1.16.4-1.
> fixed 1132944 1.16.4-1
Bug #1132944 [flatpak] flatpak: CVE-2026-34079: Arbitrary file deletion on the host filesystem
There is no source info for the package 'flatpak' at version '1.16.4-1' with architecture ''
Unable to make a source version for version '1.16.4-1'
Marked as fixed in versions 1.16.4-1.
> fixed 1132945 1.16.4-1
Bug #1132945 [flatpak] flatpak: GHSA-89xm-3m96-w3jg: cross-user CancelPull orphans another user's ongoing pull
There is no source info for the package 'flatpak' at version '1.16.4-1' with architecture ''
Unable to make a source version for version '1.16.4-1'
Marked as fixed in versions 1.16.4-1.
> fixed 1132946 1.16.4-1
Bug #1132946 [flatpak] flatpak: GHSA-2fxp-43j9-pwvc: Arbitrary read-access to files readable by _flatpak user
There is no source info for the package 'flatpak' at version '1.16.4-1' with architecture ''
Unable to make a source version for version '1.16.4-1'
Marked as fixed in versions 1.16.4-1.
--
1132943: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132943
1132944: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132944
1132945: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132945
1132946: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132946
Debian Bug Tracking System
Contact owner at bugs.debian.org with problems
More information about the Pkg-utopia-maintainers
mailing list