Ubuntu
flatpak package

CVE-2023-28101: Metadata with ANSI control codes can cause misleading terminal output

Bug #2063034 reported by Simon McVittie
256
This bug affects 1 person
Affects Status Importance Assigned to Milestone
flatpak (Ubuntu)
New
Undecided
Unassigned

Bug Description

https://github.com/flatpak/flatpak/security/advisories/GHSA-h43h-fwqx-mpp8

This was fixed in 1.15.4, 1.10.x >= 1.10.8, 1.12.x >= 1.12.8, 1.14.x >= 1.14.4.

At the time of writing, noble and mantic are OK, but jammy is vulnerable, and focal and bionic are probably vulnerable too.

CVE References

Simon McVittie (smcv)
information type: Private Security → Public Security
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.