[Pkg-utopia-maintainers] Bug#1132943: CVE-2026-34078: Sandbox escape involving symlinks passed to flatpak-portal
Salvatore Bonaccorso
carnil at debian.org
Thu Apr 9 07:05:37 BST 2026
Hi Simon
Apologies we did nto respond earlier.
On Wed, Apr 08, 2026 at 09:34:03AM +0100, Simon McVittie wrote:
> Resolving CVE-2026-34078 caused a regression in the popular
> com.valvesoftware.Steam app (see separate bug) so that should be resolved
> first. I'm looking into this now.
Thanks for working on that update, given the above we put ourself on
hold for now (but I have added flatpak to our dsa-needed list).
Regards,
Salvatore
More information about the Pkg-utopia-maintainers
mailing list