Thanks for testing!
https://ubuntu.com/security/notices/USN-5191-1
** Changed in: flatpak (Ubuntu)
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1946578
Ti
This bug was fixed in the package flatpak - 1.0.9-0ubuntu0.4
---
flatpak (1.0.9-0ubuntu0.4) bionic-security; urgency=medium
* SECURITY UPDATE: Sandbox bypass via recent VFS-manipulating syscalls
(LP: #1946578)
- debian/paches/CVE-2021-41133-1.patch
- debian/paches/CVE-20
This bug was fixed in the package flatpak - 1.6.5-0ubuntu0.4
---
flatpak (1.6.5-0ubuntu0.4) focal-security; urgency=medium
* SECURITY UPDATE: Sandbox bypass via recent VFS-manipulating syscalls
(LP: #1946578)
- debian/paches/CVE-2021-41133-1.patch
- debian/paches/CVE-202
This bug was fixed in the package flatpak - 1.10.2-1ubuntu1.1
---
flatpak (1.10.2-1ubuntu1.1) hirsute-security; urgency=medium
* SECURITY UPDATE: Sandbox bypass via recent VFS-manipulating syscalls
(LP: #1946578)
- debian/paches/CVE-2021-41133-1.patch
- debian/paches/CVE
This bug was fixed in the package flatpak - 1.10.2-3ubuntu0.1
---
flatpak (1.10.2-3ubuntu0.1) impish-security; urgency=medium
* SECURITY UPDATE: Sandbox bypass via recent VFS-manipulating syscalls
(LP: #1946578)
- debian/paches/CVE-2021-41133-1.patch
- debian/paches/CVE-
I've done some exploratory testing of Wayland/portal related tests from
the test plan on an Impish VM and things are working normally.
$ apt policy flatpak
flatpak:
Installed: 1.10.2-3ubuntu0.1
Candidate: 1.10.2-3ubuntu0.1
Version table:
*** 1.10.2-3ubuntu0.1 500
500 http://ppa.launc
I've done some exploratory testing of Wayland/portal related tests from
the test plan on a Hirsute VM and things are working normally.
$ apt policy flatpak
flatpak:
Installed: 1.10.2-1ubuntu1.1
Candidate: 1.10.2-1ubuntu1.1
Version table:
*** 1.10.2-1ubuntu1.1 500
500 http://ppa.laun
I've done some exploratory testing of Wayland/portal related tests from
the test plan on a Bionic VM and things are working normally.
$ apt policy flatpak
flatpak:
Installed: 1.0.9-0ubuntu0.4
Candidate: 1.0.9-0ubuntu0.4
Version table:
*** 1.0.9-0ubuntu0.4 500
500 http://ppa.launchpa
I've done some exploratory testing of Wayland/portal related tests from
the test plan on a Focal VM and things are working normally.
$ apt policy flatpak
flatpak:
Installed: 1.6.5-0ubuntu0.4
Candidate: 1.6.5-0ubuntu0.4
Version table:
*** 1.6.5-0ubuntu0.4 500
500 http://ppa.launchpad
Sorry, I somehow missed comment 11 and was thinking we were still
waiting for the libseccomp decision. I'll check the packages now!
Given that the security team is working on this I'm unsubscribing
ubuntu-sponsors.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1946578
Title:
Update for CVE-2021-41133
To manage notifications abo
ACK on the debdiffs, I've uploaded them with a slight changelog
formatting change, and I've specified a specific version for the
libseccomp Build-Depends on bionic and focal.
I've built the packages, along with the required libseccomp updates in
the following PPA:
https://launchpad.net/~ubuntu-se
@mdeslaur - sure I think a no-change rebuild would be fine for
libseccomp, there are no other dependencies that I am aware of for it
(it requires valgrind at build-time to run some unit tests and these
fail on arm64 IIRC for the valgrind version in bionic-security/release
but succeed with the versi
@alex Do you think we can do a no-change rebuild of libseccomp into
bionic-security and focal-security? Are there any dependencies we need
to rebuild too?
Please find attached the debdiff for Ubuntu 18.04 bionic. I have
performed some testing in a VM and built in a PPA.
Note that for bionic (same as focal), we likely want to use the version
of libseccomp2 from bionic-updates (2.5.1-1ubuntu1~18.04.1) rather than
focal-security (2.4.3-1ubuntu3.18.04
Please find attached the debdiff for Ubuntu 20.04 focal. I have
performed some testing in a VM and built in a PPA.
Note that for focal, we likely want to use the version of libseccomp2
from focal-updates (2.5.1-1ubuntu1~20.04.1) rather than focal-security
(2.4.3-1ubuntu3.20.04.3). Is it possible t
I've got a set of rebased changes for focal prepared, but I'm waiting
for the PPA to build and test (currently stuck in a queue as 22.04 is
opening). So I'll assign focal to myself and hopefully will be able to
test this tomorrow when the build completes.
** Changed in: flatpak (Ubuntu Focal)
** Changed in: flatpak (Ubuntu Bionic)
Importance: Undecided => Medium
** Changed in: flatpak (Ubuntu Focal)
Importance: Undecided => Medium
** Changed in: flatpak (Ubuntu Hirsute)
Importance: Undecided => Medium
** Changed in: flatpak (Ubuntu Impish)
Importance: Undecided => Medium
So hirsute and impish have libseccomp 2.5.1, but focal and bionic have
2.4.3 in the security pocket and 2.5.1 in the updates pocket. I'm not
sure if there is a procedure here to try and pull 2.5.1 of focal and
bionic into the security pocket with flatpak - if that is needed to
solve the security iss
Please find attached the debdiff for Ubuntu 21.04 hirsute. I have
performed some testing in a VM and built in a PPA.
Let me know if anything has been done incorrectly.
** Attachment added: "Hirsute CVE debdiff"
https://bugs.launchpad.net/ubuntu/+source/flatpak/+bug/1946578/+attachment/553300