ELSA-2024-6422

ULN >
Oracle Linux Errata repository >
ELSA-2024-6422

ELSA-2024-6422 - bubblewrap and flatpak security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2024-09-05

Description

bubblewrap
[0.4.0-2]
- Backport upstream fix to help address CVE-2024-42472 in flatpak

flatpak
[1.12.9-3]
- Fix previous changelog entry

[1.12.9-2]
- Backport upstream patches for CVE-2024-42472
- Require bubblewrap version that has new --bind-fd option backported for
addressing CVE-2024-42472

Related CVEs

CVE-2024-42472

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 8 (aarch64)	bubblewrap-0.4.0-2.el8_10.src.rpm	34354f3bd2c804a99c70f5df2a7169d87fc67b65ac819d0e9d64aa118801346b	-	ol8_aarch64_baseos_latest
	bubblewrap-0.4.0-2.el8_10.src.rpm	34354f3bd2c804a99c70f5df2a7169d87fc67b65ac819d0e9d64aa118801346b	-	ol8_aarch64_u10_baseos_patch
	flatpak-1.12.9-3.el8_10.src.rpm	b1bf0b8bae2c016a72b6eeeb25fa81a50b37dc6a0c3c76225994108ce1e9d6ed	-	ol8_aarch64_appstream
	flatpak-1.12.9-3.el8_10.src.rpm	b1bf0b8bae2c016a72b6eeeb25fa81a50b37dc6a0c3c76225994108ce1e9d6ed	-	ol8_aarch64_codeready_builder
	bubblewrap-0.4.0-2.el8_10.aarch64.rpm	7bfcdd3116f82f06e49c35cd4c6e2cd18edccc054bf999127d08dc9524656413	-	ol8_aarch64_baseos_latest
	bubblewrap-0.4.0-2.el8_10.aarch64.rpm	7bfcdd3116f82f06e49c35cd4c6e2cd18edccc054bf999127d08dc9524656413	-	ol8_aarch64_u10_baseos_patch
	flatpak-1.12.9-3.el8_10.aarch64.rpm	311ae0a8d58d6b5502d19895ea7827088bd2d394e92203f74c3df56d06106918	-	ol8_aarch64_appstream
	flatpak-devel-1.12.9-3.el8_10.aarch64.rpm	1e777562cf58254b1b806fa8da63abe438af784597d31c0fb1b1193b9d55c437	-	ol8_aarch64_codeready_builder
	flatpak-libs-1.12.9-3.el8_10.aarch64.rpm	cc012673b96c7bf257f2af1d3a75ac15fc35e556b526022b280a359e2755d496	-	ol8_aarch64_appstream
	flatpak-selinux-1.12.9-3.el8_10.noarch.rpm	45d2fddb3b5f55c7ca5b1b19f09171577976c87a5398a58dadcc4d1c4cdba5d7	-	ol8_aarch64_appstream
	flatpak-session-helper-1.12.9-3.el8_10.aarch64.rpm	4cc65922e088da4e59120570a16e32a5146bb2baf4590c681dafa07264e58207	-	ol8_aarch64_appstream

Oracle Linux 8 (x86_64)	bubblewrap-0.4.0-2.el8_10.src.rpm	34354f3bd2c804a99c70f5df2a7169d87fc67b65ac819d0e9d64aa118801346b	-	ol8_x86_64_baseos_latest
	bubblewrap-0.4.0-2.el8_10.src.rpm	34354f3bd2c804a99c70f5df2a7169d87fc67b65ac819d0e9d64aa118801346b	-	ol8_x86_64_u10_baseos_patch
	flatpak-1.12.9-3.el8_10.src.rpm	b1bf0b8bae2c016a72b6eeeb25fa81a50b37dc6a0c3c76225994108ce1e9d6ed	-	ol8_x86_64_appstream
	flatpak-1.12.9-3.el8_10.src.rpm	b1bf0b8bae2c016a72b6eeeb25fa81a50b37dc6a0c3c76225994108ce1e9d6ed	-	ol8_x86_64_codeready_builder
	bubblewrap-0.4.0-2.el8_10.x86_64.rpm	28465439064f280fed2c15e0f2126e66acb4ea51d7e6a3762131f9c9f0147553	-	exadata_dbserver_23.1.18.0.0_x86_64_base
	bubblewrap-0.4.0-2.el8_10.x86_64.rpm	28465439064f280fed2c15e0f2126e66acb4ea51d7e6a3762131f9c9f0147553	-	exadata_dbserver_23.1.19.0.0_x86_64_base
	bubblewrap-0.4.0-2.el8_10.x86_64.rpm	28465439064f280fed2c15e0f2126e66acb4ea51d7e6a3762131f9c9f0147553	-	exadata_dbserver_23.1.20.0.0_x86_64_base
	bubblewrap-0.4.0-2.el8_10.x86_64.rpm	28465439064f280fed2c15e0f2126e66acb4ea51d7e6a3762131f9c9f0147553	-	exadata_dbserver_23.1.21.0.0_x86_64_base
	bubblewrap-0.4.0-2.el8_10.x86_64.rpm	28465439064f280fed2c15e0f2126e66acb4ea51d7e6a3762131f9c9f0147553	-	exadata_dbserver_23.1.22.0.0_x86_64_base
	bubblewrap-0.4.0-2.el8_10.x86_64.rpm	28465439064f280fed2c15e0f2126e66acb4ea51d7e6a3762131f9c9f0147553	-	exadata_dbserver_23.1.23.0.0_x86_64_base
	bubblewrap-0.4.0-2.el8_10.x86_64.rpm	28465439064f280fed2c15e0f2126e66acb4ea51d7e6a3762131f9c9f0147553	-	exadata_dbserver_23.1.24.0.0_x86_64_base
	bubblewrap-0.4.0-2.el8_10.x86_64.rpm	28465439064f280fed2c15e0f2126e66acb4ea51d7e6a3762131f9c9f0147553	-	exadata_dbserver_24.1.10.0.0_x86_64_base
	bubblewrap-0.4.0-2.el8_10.x86_64.rpm	28465439064f280fed2c15e0f2126e66acb4ea51d7e6a3762131f9c9f0147553	-	exadata_dbserver_24.1.4.0.0_x86_64_base
	bubblewrap-0.4.0-2.el8_10.x86_64.rpm	28465439064f280fed2c15e0f2126e66acb4ea51d7e6a3762131f9c9f0147553	-	exadata_dbserver_24.1.5.0.0_x86_64_base
	bubblewrap-0.4.0-2.el8_10.x86_64.rpm	28465439064f280fed2c15e0f2126e66acb4ea51d7e6a3762131f9c9f0147553	-	exadata_dbserver_24.1.6.0.0_x86_64_base
	bubblewrap-0.4.0-2.el8_10.x86_64.rpm	28465439064f280fed2c15e0f2126e66acb4ea51d7e6a3762131f9c9f0147553	-	exadata_dbserver_24.1.7.0.0_x86_64_base
	bubblewrap-0.4.0-2.el8_10.x86_64.rpm	28465439064f280fed2c15e0f2126e66acb4ea51d7e6a3762131f9c9f0147553	-	exadata_dbserver_24.1.8.0.0_x86_64_base
	bubblewrap-0.4.0-2.el8_10.x86_64.rpm	28465439064f280fed2c15e0f2126e66acb4ea51d7e6a3762131f9c9f0147553	-	exadata_dbserver_24.1.9.0.0_x86_64_base
	bubblewrap-0.4.0-2.el8_10.x86_64.rpm	28465439064f280fed2c15e0f2126e66acb4ea51d7e6a3762131f9c9f0147553	-	exadata_dbserver_25.1.0.0.0_x86_64_base
	bubblewrap-0.4.0-2.el8_10.x86_64.rpm	28465439064f280fed2c15e0f2126e66acb4ea51d7e6a3762131f9c9f0147553	-	exadata_dbserver_25.1.1.0.0_x86_64_base
	bubblewrap-0.4.0-2.el8_10.x86_64.rpm	28465439064f280fed2c15e0f2126e66acb4ea51d7e6a3762131f9c9f0147553	-	exadata_dbserver_25.1.2.0.0_x86_64_base
	bubblewrap-0.4.0-2.el8_10.x86_64.rpm	28465439064f280fed2c15e0f2126e66acb4ea51d7e6a3762131f9c9f0147553	-	exadata_dbserver_25.1.3.0.0_x86_64_base
	bubblewrap-0.4.0-2.el8_10.x86_64.rpm	28465439064f280fed2c15e0f2126e66acb4ea51d7e6a3762131f9c9f0147553	-	ol8_x86_64_baseos_latest
	bubblewrap-0.4.0-2.el8_10.x86_64.rpm	28465439064f280fed2c15e0f2126e66acb4ea51d7e6a3762131f9c9f0147553	-	ol8_x86_64_u10_baseos_patch
	flatpak-1.12.9-3.el8_10.i686.rpm	4af47eec33979713c83319769158586dc730c3888c800ffa46df3d65bb9c3e8c	-	ol8_x86_64_codeready_builder
	flatpak-1.12.9-3.el8_10.x86_64.rpm	706ff8bd655744f3bdd27c02f5f9fefb3467f1b25a01ecc4d4dbeed429b30bc0	-	ol8_x86_64_appstream
	flatpak-devel-1.12.9-3.el8_10.i686.rpm	9b1b262b92f8df861a116c6315066c928151f5c49c9db45a4c460ca385382d55	-	ol8_x86_64_codeready_builder
	flatpak-devel-1.12.9-3.el8_10.x86_64.rpm	f4ad6fdcd4be4d6526e9bb40dc43620a4e5b9bcd4c8357a16dba939aec88dd09	-	ol8_x86_64_codeready_builder
	flatpak-libs-1.12.9-3.el8_10.i686.rpm	e15f9f81f2bcfba0f11060cfe0eea07cc2d21b959923b1041d9ea5d95919ed31	-	ol8_x86_64_appstream
	flatpak-libs-1.12.9-3.el8_10.x86_64.rpm	d4c8ee7fc9f5981d0617f36d5497fae8d9009b454bcc9650acd6b50676348e0a	-	ol8_x86_64_appstream
	flatpak-selinux-1.12.9-3.el8_10.noarch.rpm	45d2fddb3b5f55c7ca5b1b19f09171577976c87a5398a58dadcc4d1c4cdba5d7	-	ol8_x86_64_appstream
	flatpak-session-helper-1.12.9-3.el8_10.i686.rpm	38b449079507230575aaed27e136532056cc87eaef820cd245f2e99ab31ce131	-	ol8_x86_64_codeready_builder
	flatpak-session-helper-1.12.9-3.el8_10.x86_64.rpm	5328234b2b1401b89b74e660c82cf04d00f6d17c11222c214eaedd3bada929e0	-	ol8_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691