This bug was fixed in the package flatpak - 1.0.7-0ubuntu0.18.10.1 --------------- flatpak (1.0.7-0ubuntu0.18.10.1) cosmic-security; urgency=medium
* Update to 1.0.7 (LP: #1815528) * New upstream release - SECURITY UPDATE: do not let the apply_extra script for a system installation modify the host-side executable via /proc/self/exe, similar to CVE-2019-5736 in runc - CVE-2019-8308 -- Andrew Hayzen <ahay...@ubuntu.com> Wed, 13 Feb 2019 21:31:52 +0000 ** Changed in: flatpak (Ubuntu Cosmic) Status: Confirmed => Fix Released ** Changed in: flatpak (Ubuntu Bionic) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1815528 Title: New upstream microrelease flatpak 1.0.7 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/flatpak/+bug/1815528/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs