ELSA-2024-9449

ULN >
Oracle Linux Errata repository >
ELSA-2024-9449

ELSA-2024-9449 - bubblewrap and flatpak security update

Type:	SECURITY
Severity:	IMPORTANT
Release Date:	2024-11-18

Description

bubblewrap
[0.4.1-8]
- Backport upstream fix to help address CVE-2024-42472 in flatpak

flatpak
[1.12.9-3]
- Fix previous changelog entry

[1.12.9-2]
- Backport upstream patches for CVE-2024-42472
- Require bubblewrap version that has new --bind-fd option backported for
addressing CVE-2024-42472

Related CVEs

CVE-2024-42472

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory	Channel Label

Oracle Linux 9 (aarch64)	bubblewrap-0.4.1-8.el9_5.src.rpm	3d8152a636a58c7544ce1c46461f6945	-	ol9_aarch64_baseos_latest
	bubblewrap-0.4.1-8.el9_5.src.rpm	3d8152a636a58c7544ce1c46461f6945	-	ol9_aarch64_u5_baseos_patch
	flatpak-1.12.9-3.el9_5.src.rpm	027d25494835cb295127ada50b0dfc03	-	ol9_aarch64_appstream
	flatpak-1.12.9-3.el9_5.src.rpm	027d25494835cb295127ada50b0dfc03	-	ol9_aarch64_codeready_builder
	bubblewrap-0.4.1-8.el9_5.aarch64.rpm	779895cb05bde4d3ab13d024ab44c43f	-	ol9_aarch64_baseos_latest
	bubblewrap-0.4.1-8.el9_5.aarch64.rpm	779895cb05bde4d3ab13d024ab44c43f	-	ol9_aarch64_u5_baseos_patch
	flatpak-1.12.9-3.el9_5.aarch64.rpm	390dac76e60a84b6cbcc07862f692cbe	-	ol9_aarch64_appstream
	flatpak-devel-1.12.9-3.el9_5.aarch64.rpm	4d9ad62955f5699d3473a6105157ada3	-	ol9_aarch64_codeready_builder
	flatpak-libs-1.12.9-3.el9_5.aarch64.rpm	dd88b186a3de32084a7f708e6cc6896c	-	ol9_aarch64_appstream
	flatpak-selinux-1.12.9-3.el9_5.noarch.rpm	24b337dc0aa5f619d2da7048bd925d08	-	ol9_aarch64_appstream
	flatpak-session-helper-1.12.9-3.el9_5.aarch64.rpm	24d71d77e4a73782fb58e2b66c5b2e73	-	ol9_aarch64_appstream

Oracle Linux 9 (x86_64)	bubblewrap-0.4.1-8.el9_5.src.rpm	3d8152a636a58c7544ce1c46461f6945	-	ol9_x86_64_baseos_latest
	bubblewrap-0.4.1-8.el9_5.src.rpm	3d8152a636a58c7544ce1c46461f6945	-	ol9_x86_64_u5_baseos_patch
	flatpak-1.12.9-3.el9_5.src.rpm	027d25494835cb295127ada50b0dfc03	-	ol9_x86_64_appstream
	flatpak-1.12.9-3.el9_5.src.rpm	027d25494835cb295127ada50b0dfc03	-	ol9_x86_64_codeready_builder
	bubblewrap-0.4.1-8.el9_5.x86_64.rpm	343ccfa02639b8a90c73fd66244ef98b	-	ol9_x86_64_baseos_latest
	bubblewrap-0.4.1-8.el9_5.x86_64.rpm	343ccfa02639b8a90c73fd66244ef98b	-	ol9_x86_64_u5_baseos_patch
	flatpak-1.12.9-3.el9_5.i686.rpm	19e2ae0c8bf5f3bb7ed373c46bf79f88	-	ol9_x86_64_codeready_builder
	flatpak-1.12.9-3.el9_5.x86_64.rpm	a15bf16883c5b725f674a0395eda4b91	-	ol9_x86_64_appstream
	flatpak-devel-1.12.9-3.el9_5.i686.rpm	1141c17abf4cf10d620c0feb060e38a0	-	ol9_x86_64_codeready_builder
	flatpak-devel-1.12.9-3.el9_5.x86_64.rpm	bc3e56bf608578f286d3638019229cdb	-	ol9_x86_64_codeready_builder
	flatpak-libs-1.12.9-3.el9_5.i686.rpm	9cd9616e05a45be1e4a375dbdf67980d	-	ol9_x86_64_appstream
	flatpak-libs-1.12.9-3.el9_5.x86_64.rpm	cf2f216ccf5d3a53cd94a73682244a5e	-	ol9_x86_64_appstream
	flatpak-selinux-1.12.9-3.el9_5.noarch.rpm	24b337dc0aa5f619d2da7048bd925d08	-	ol9_x86_64_appstream
	flatpak-session-helper-1.12.9-3.el9_5.i686.rpm	2b393ab498b71f585eaf8936d616c40f	-	ol9_x86_64_codeready_builder
	flatpak-session-helper-1.12.9-3.el9_5.x86_64.rpm	c2a7d470d214dd6edfd7323e9e7d8741	-	ol9_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections:

Oracle customers - enter a support request
Vulnerability scanning tools vendors and project maintainers - follow the standard ISV process

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691