Flatpak is vulnerable to CVE-2024-42472

Done

Details

2 participants

DonaldSanders1968
Zheng Junjie

Owner: unassigned

Submitted by: DonaldSanders1968

Severity: normal

D

D

DonaldSanders1968 wrote on 5 Sep 19:36 +0200

Recipients:(name . bug-guix@gnu.org)(address . bug-guix@gnu.org)

Message-ID:RVetQ5rOHmtSXq9BYMMvWxROUE4AlcTkhWNWgNjITZYVN8SG3Ggdgsq3MbvfrHTzJv8_kiE0vvnSThA-bgxXBeFYyxEYJPPko4Wyx4w_cFI=@protonmail.ch

Hi Guix,

Current flatpak version in Guix channel is affected by [CVE-2024-42472](https://github.com/flatpak/flatpak/security/advisories/GHSA-7hgv-f2j8-xw87).

Kind regards,

Donald

Attachment: file

Z

Z

Zheng Junjie wrote on 6 Sep 16:48 +0200

Recipients:(name . DonaldSanders1968 via Bug reports for GNU Guix)(address . bug-guix@gnu.org)

Message-ID:87h6as25yx.fsf@iscas.ac.cn

DonaldSanders1968 via Bug reports for GNU Guix <bug-guix@gnu.org> writes:

Toggle quote (8 lines)

> Hi Guix,

>

> Current flatpak version in Guix channel is affected by CVE-2024-42472.

>

> Kind regards,

>

> Donald

Thanks, update bubblewrap and it.

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEfr6klGDOXiwIdX/bO1qpk+Gi3/AFAmbbFkYACgkQO1qpk+Gi
3/DpQhAAhLJYwg6NgFGx8B84uwKWNrNjesAd7qOShfPn2cfWd34dsvmvEQ11KvEc
a1XjC2RNpA82TOLqJ82RvQNYFHVsD02LsiVC67FbXWpRDLE0W+DpAtULHBBX5wny
eZaS3XnhDSgaj+M4KU8Rg0x8yom2deGWw/nte+gHL3Kx1iRZT5J/bA08zOr4pDTT
FrrzpoCtmvzmGXYrr4KtboJdPj/B86FLwzxHUNuNKmWy0bt5IhbGJ/hVigshtb5i
GvJsI5SBGZ5lLs7YDM/R47F4nqWeCvkuB3WMKpZDR7/5s9I/LwAMIU6BnsN53Sil
hqy+RVjEV52F+V9Nm3q/8OM29QUMz7LVyVmOVlRv/lMif264dIParhIHH1GWqKHz
ljqlN43T41Hf5YWklwHDwNtDeWGpNQo0wZfPJou3d7OTU4b8Ij6l3tddyp8AZucE
ML98mP1m+fEnxqpcYqIm2mq2h/vuMwSTqTjRLWFHpExlR2Ccx4hiyb2C8hVFbpVF
V5fIqoIKNQ1sU2isMyl7ETR6h31G54wxJjdEsA1Bjok7zgaT/oObsrGfyoT2Dycr
wEs6GLr0B+AQWdGbAggFMi+Gs90DczV+z+8d7o3JO+mabSE5yeFpxZlJsWCRkTGo
vbW/VGkZsxFu3jxX9J6B6gQDsJj61dg59Fd5Bn+VOPprVI+kGjg=
=7p5Z
-----END PGP SIGNATURE-----

?

Your comment

This issue is archived.

To comment on this conversation send an email to 73059@debbugs.gnu.org

To respond to this issue using the mumi CLI, first switch to it

mumi current 73059

Then, you may apply the latest patchset in this issue (with sign off)

mumi am -- -s

Or, compose a reply to this issue

mumi compose

Or, send patches to this issue

mumi send-email *.patch