This is a regression fix update, reverting non-backwards-compatible behaviour changes in the solution previously chosen for CVE-2022-21682


Update to 1.10.6

Fixes these two security issues:

Full release notes: https://github.com/flatpak/flatpak/releases/tag/1.12.3

Logout Required
After installing this update it is required that you logout of your current user session and log back in to ensure the changes supplied by this update are applied properly.

How to install

sudo dnf upgrade --refresh --advisory=FEDORA-2022-8c64cb0992

This update has been submitted for testing by rishi.

7 months ago

This update's test gating status has been changed to 'waiting'.

7 months ago

This update has obsoleted flatpak-1.10.6-1.fc34, and has inherited its bugs and notes.

7 months ago

This update has been pushed to testing.

7 months ago

This update's test gating status has been changed to 'failed'.

7 months ago

This update's test gating status has been changed to 'passed'.

7 months ago
karma

This update's test gating status has been changed to 'failed'.

7 months ago

This update's test gating status has been changed to 'passed'.

6 months ago

This update has been submitted for stable by bodhi.

6 months ago

This update has been pushed to stable.

6 months ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
1
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
14 days
Dates
submitted
7 months ago
in testing
7 months ago
in stable
6 months ago
BZ#1969591 flatpak-builder-1.2.2 is available
0
0
BZ#2041593 CVE-2022-21682 flatpak: flatpak-builder --mirror-screenshots-url can access files outside the build directory [fedora-all]
0
0

Automated Test Results