Stay Connected:

ELSA-2024-9449

ELSA-2024-9449 - bubblewrap and flatpak security update

Type:SECURITY
Impact:IMPORTANT
Release Date:2024-11-18

Description


bubblewrap
[0.4.1-8]
- Backport upstream fix to help address CVE-2024-42472 in flatpak

flatpak
[1.12.9-3]
- Fix previous changelog entry

[1.12.9-2]
- Backport upstream patches for CVE-2024-42472
- Require bubblewrap version that has new --bind-fd option backported for
addressing CVE-2024-42472


Related CVEs


CVE-2024-42472

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 9 (aarch64) bubblewrap-0.4.1-8.el9_5.src.rpma218a1e359c859c3c4bb78c628b9c7a93796f9aed274af158a1e67936c1f3991-ol9_aarch64_baseos_latest
bubblewrap-0.4.1-8.el9_5.src.rpma218a1e359c859c3c4bb78c628b9c7a93796f9aed274af158a1e67936c1f3991-ol9_aarch64_u5_baseos_patch
flatpak-1.12.9-3.el9_5.src.rpm21ca19382fde5513a91d4c6b6c805e73d53d31979844c492bbc2dd9e69cd79b2-ol9_aarch64_appstream
flatpak-1.12.9-3.el9_5.src.rpm21ca19382fde5513a91d4c6b6c805e73d53d31979844c492bbc2dd9e69cd79b2-ol9_aarch64_codeready_builder
bubblewrap-0.4.1-8.el9_5.aarch64.rpm514119382d39884c086617487cf96635e6e8938771d85cba4bf8487ec0e67247-ol9_aarch64_baseos_latest
bubblewrap-0.4.1-8.el9_5.aarch64.rpm514119382d39884c086617487cf96635e6e8938771d85cba4bf8487ec0e67247-ol9_aarch64_u5_baseos_patch
flatpak-1.12.9-3.el9_5.aarch64.rpmecf87bae7dec8ad45343398277c2a0c5aa3abeb87562508ec5e281fcc5ac2437-ol9_aarch64_appstream
flatpak-devel-1.12.9-3.el9_5.aarch64.rpm79093302d5098fac2791df611c20a416ea4adcd5792fa570ac78f4cd845d3cf5-ol9_aarch64_codeready_builder
flatpak-libs-1.12.9-3.el9_5.aarch64.rpmb3540d91a4fdd245d213ea9d921e0ef75ef25781418bfffe6375c6ddea4d6a1d-ol9_aarch64_appstream
flatpak-selinux-1.12.9-3.el9_5.noarch.rpmb3bc76a369e7e13bce16e8d0864113d652b17a95d3099c609bd1d7bcd722e957-ol9_aarch64_appstream
flatpak-session-helper-1.12.9-3.el9_5.aarch64.rpmd4fb6fa581cd53ca04b303509dc0b795cb122ec3d9f7216d1de9e105346876f6-ol9_aarch64_appstream
Oracle Linux 9 (x86_64) bubblewrap-0.4.1-8.el9_5.src.rpma218a1e359c859c3c4bb78c628b9c7a93796f9aed274af158a1e67936c1f3991-ol9_x86_64_baseos_latest
bubblewrap-0.4.1-8.el9_5.src.rpma218a1e359c859c3c4bb78c628b9c7a93796f9aed274af158a1e67936c1f3991-ol9_x86_64_u5_baseos_patch
flatpak-1.12.9-3.el9_5.src.rpm21ca19382fde5513a91d4c6b6c805e73d53d31979844c492bbc2dd9e69cd79b2-ol9_x86_64_appstream
flatpak-1.12.9-3.el9_5.src.rpm21ca19382fde5513a91d4c6b6c805e73d53d31979844c492bbc2dd9e69cd79b2-ol9_x86_64_codeready_builder
bubblewrap-0.4.1-8.el9_5.x86_64.rpm1468812b246d2ddbe37dc73cd3f034421b0f47df80bdc3f2474e614f99529aef-ol9_x86_64_baseos_latest
bubblewrap-0.4.1-8.el9_5.x86_64.rpm1468812b246d2ddbe37dc73cd3f034421b0f47df80bdc3f2474e614f99529aef-ol9_x86_64_u5_baseos_patch
flatpak-1.12.9-3.el9_5.i686.rpmf8cd93a47de1d897285fb029fca735ca1eb6d5777e3510382bd9de953cacf1db-ol9_x86_64_codeready_builder
flatpak-1.12.9-3.el9_5.x86_64.rpmb5890820576f9b06c9b22228a2a1173b10731c248ad2b344ca69343e1b6a85d5-ol9_x86_64_appstream
flatpak-devel-1.12.9-3.el9_5.i686.rpm3e43616a82b076078e50becc81a99c5f720e2cc5dea4b14cc81d69b0bfb71767-ol9_x86_64_codeready_builder
flatpak-devel-1.12.9-3.el9_5.x86_64.rpmb9d137788c9de7e28f8f05348e9f4337e6d3090a1230587b600382dcea82cc07-ol9_x86_64_codeready_builder
flatpak-libs-1.12.9-3.el9_5.i686.rpm176d30d09277ba41582ed8ae0557892aece05cfb0ee4f9b130a615323837e73b-ol9_x86_64_appstream
flatpak-libs-1.12.9-3.el9_5.x86_64.rpm3390a8d3ceb6a2174825d6c93739e072924370457f3afcf9586e74d98e67886d-ol9_x86_64_appstream
flatpak-selinux-1.12.9-3.el9_5.noarch.rpmb3bc76a369e7e13bce16e8d0864113d652b17a95d3099c609bd1d7bcd722e957-ol9_x86_64_appstream
flatpak-session-helper-1.12.9-3.el9_5.i686.rpm7282c4479bfdb420d78bd6ab43fa9e67bd5b50f81931e7a6c4cf199c6bbd9597-ol9_x86_64_codeready_builder
flatpak-session-helper-1.12.9-3.el9_5.x86_64.rpmc54344a05f68a2c1a22ab70b1a367a62ec5ca88e3a08b78946f6cfd8c456e88f-ol9_x86_64_appstream



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights