Stay Connected:

ELSA-2024-6422

ELSA-2024-6422 - bubblewrap and flatpak security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2024-09-05

Description


bubblewrap
[0.4.0-2]
- Backport upstream fix to help address CVE-2024-42472 in flatpak

flatpak
[1.12.9-3]
- Fix previous changelog entry

[1.12.9-2]
- Backport upstream patches for CVE-2024-42472
- Require bubblewrap version that has new --bind-fd option backported for
addressing CVE-2024-42472


Related CVEs


CVE-2024-42472

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By AdvisoryChannel Label
Oracle Linux 8 (aarch64) bubblewrap-0.4.0-2.el8_10.src.rpm622080bfdc12145498e8058d29b46cba-ol8_aarch64_baseos_latest
bubblewrap-0.4.0-2.el8_10.src.rpm622080bfdc12145498e8058d29b46cba-ol8_aarch64_u10_baseos_patch
flatpak-1.12.9-3.el8_10.src.rpm66038fc95bd13650498dd9aaeccced23-ol8_aarch64_appstream
flatpak-1.12.9-3.el8_10.src.rpm66038fc95bd13650498dd9aaeccced23-ol8_aarch64_codeready_builder
bubblewrap-0.4.0-2.el8_10.aarch64.rpmb3f05686d4591cf2c8613aa25b052bdc-ol8_aarch64_baseos_latest
bubblewrap-0.4.0-2.el8_10.aarch64.rpmb3f05686d4591cf2c8613aa25b052bdc-ol8_aarch64_u10_baseos_patch
flatpak-1.12.9-3.el8_10.aarch64.rpm2d4cdcc8106870dff6bc358965b528d5-ol8_aarch64_appstream
flatpak-devel-1.12.9-3.el8_10.aarch64.rpm8d5a553f0c62bfb284a6cc124c8c1fdb-ol8_aarch64_codeready_builder
flatpak-libs-1.12.9-3.el8_10.aarch64.rpma182169530d7897440c9732c6eb5598f-ol8_aarch64_appstream
flatpak-selinux-1.12.9-3.el8_10.noarch.rpm817131605d26c5ffc26e66d0d3af353d-ol8_aarch64_appstream
flatpak-session-helper-1.12.9-3.el8_10.aarch64.rpm903624cb03391362f165c5919c157f66-ol8_aarch64_appstream
Oracle Linux 8 (x86_64) bubblewrap-0.4.0-2.el8_10.src.rpm622080bfdc12145498e8058d29b46cba-ol8_x86_64_baseos_latest
bubblewrap-0.4.0-2.el8_10.src.rpm622080bfdc12145498e8058d29b46cba-ol8_x86_64_u10_baseos_patch
flatpak-1.12.9-3.el8_10.src.rpm66038fc95bd13650498dd9aaeccced23-ol8_x86_64_appstream
flatpak-1.12.9-3.el8_10.src.rpm66038fc95bd13650498dd9aaeccced23-ol8_x86_64_codeready_builder
bubblewrap-0.4.0-2.el8_10.x86_64.rpm286bac9652ff417bdccef94f3b0fe3d5-ol8_x86_64_baseos_latest
bubblewrap-0.4.0-2.el8_10.x86_64.rpm286bac9652ff417bdccef94f3b0fe3d5-ol8_x86_64_u10_baseos_patch
flatpak-1.12.9-3.el8_10.i686.rpm9b2465967d552987ebaafef1528567bc-ol8_x86_64_codeready_builder
flatpak-1.12.9-3.el8_10.x86_64.rpmbb1d1dbca76939fd4df312c9c1759dbb-ol8_x86_64_appstream
flatpak-devel-1.12.9-3.el8_10.i686.rpm99e36a35f9f063015cd3034f8e6069eb-ol8_x86_64_codeready_builder
flatpak-devel-1.12.9-3.el8_10.x86_64.rpm6b809cdc3b3ad3eaab61983443ce0e8d-ol8_x86_64_codeready_builder
flatpak-libs-1.12.9-3.el8_10.i686.rpm5de1e1ac25ec0ba6ba85542b166d94a9-ol8_x86_64_appstream
flatpak-libs-1.12.9-3.el8_10.x86_64.rpm2180c078ee8e29a3559f881de704b586-ol8_x86_64_appstream
flatpak-selinux-1.12.9-3.el8_10.noarch.rpm817131605d26c5ffc26e66d0d3af353d-ol8_x86_64_appstream
flatpak-session-helper-1.12.9-3.el8_10.i686.rpm89562be4f0417e23cc9688d34addf97f-ol8_x86_64_codeready_builder
flatpak-session-helper-1.12.9-3.el8_10.x86_64.rpmbfa721cbf2ade74c211d02394e673ddd-ol8_x86_64_appstream


This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections:

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights