FEDORA-2023-b0717d8c45 — security update for flatpak

stable

flatpak-1.14.4-1.fc37

FEDORA-2023-b0717d8c45 created by amigadave 2 weeks ago for Fedora 37

Update to 1.14.4

Fix CVE-2023-28100 and CVE-2023-28101

Logout Required

After installing this update it is required that you logout of your current user session and log back in to ensure the changes supplied by this update are applied properly.

How to install

sudo dnf upgrade --refresh --advisory=FEDORA-2023-b0717d8c45

This update has been submitted for testing by amigadave.

2 weeks ago

This update's test gating status has been changed to 'waiting'.

2 weeks ago

This update's test gating status has been changed to 'passed'.

2 weeks ago

This update has been pushed to testing.

2 weeks ago

besser82 commented & provided feedback 2 weeks ago

karma

Works great! LGTM! =)

frantisekz commented & provided feedback a week ago

karma

Works well

This update can be pushed to stable now if the maintainer wishes

a week ago

geraldosimiao provided feedback a week ago

karma

This update has been submitted for stable by bodhi.

a week ago

This update has been pushed to stable.

a week ago

Please login to add feedback.

Metadata

Type

security

Severity

low

Karma

Signed

Content Type

RPM

Test Gating

passed

Builds

flatpak-1.14.4-1.fc37

Settings

Unstable by Karma

-3

Stable by Karma

Stable by Time

14 days

Dates

submitted

2 weeks ago

in testing

2 weeks ago

in stable

a week ago

approved

a week ago

BZ#2179219 CVE-2023-28101 flatpak: Metadata with ANSI control codes can cause misleading terminal output

BZ#2179220 CVE-2023-28100 flatpak: TIOCLINUX can send commands outside sandbox if running on a virtual console

BZ#2179222 CVE-2023-28100 flatpak: TIOCLINUX can send commands outside sandbox if running on a virtual console [fedora-37]

BZ#2179224 CVE-2023-28101 flatpak: Metadata with ANSI control codes can cause misleading terminal output [fedora-37]

flatpak-1.14.4-1.fc37

Automated Test Results

passed