Ubuntu
flatpak package

flatpak 1.6.5-0ubuntu0.2 source package in Ubuntu

Changelog

flatpak (1.6.5-0ubuntu0.2) focal-security; urgency=medium

  * SECURITY UPDATE: Flatpak sandbox escape via spawn portal (LP: #1911473)
    - debian/patches/CVE-2021-21261-1.patch: tests: Add minimal version
      of "ok" helper.
    - debian/patches/CVE-2021-21261-2.patch: common: Add a backport of
      G_DBUS_METHOD_INVOCATION_HANDLED.
    - debian/patches/CVE-2021-21261-3.patch: run: Convert all environment
      variables into bwrap arguments.
    - debian/patches/CVE-2021-21261-4.patch: tests: Expand coverage for
      environment variable overrides.
    - debian/patches/CVE-2021-21261-5.patch: context: Add --env-fd option.
    - debian/patches/CVE-2021-21261-6.patch: portal: Convert --env in
      extra-args into --env-fd.
    - debian/patches/CVE-2021-21261-7.patch: tests: Exercise --env-fd.
    - debian/patches/CVE-2021-21261-8.patch: portal: Do not use
      caller-supplied variables in environment.
    - debian/patches/CVE-2021-21261-9.patch: tests: Assert that --env= does
      not go in `flatpak run` or bwrap environ.
    - CVE-2021-21261

 -- Andrew Hayzen <email address hidden>  Wed, 13 Jan 2021 21:09:15 +0000

Upload details

Uploaded by:
Andrew Hayzen
Sponsored by:
Paulo Flabiano Smorigo
Uploaded to:
Focal
Original maintainer:
Ubuntu Developers
Architectures:
linux-any all
Section:
admin
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
flatpak_1.6.5.orig.tar.xz 1.3 MiB 8109ffb6a3e9bfc5dcf8999c9243b21596489f77d866b848169d50c0627f14db
flatpak_1.6.5-0ubuntu0.2.debian.tar.xz 34.8 KiB afcec240415c7f4d08c9bb40574cfacd14c7df40880d6cfdbd7fc9e60b412ca9
flatpak_1.6.5-0ubuntu0.2.dsc 3.5 KiB 616e69a3b888b43aba41d65028e6a6b5b743af88d798382f0a87ae221981e411

View changes file

Binary packages built by this source

flatpak: Application deployment framework for desktop apps

 Flatpak installs, manages and runs sandboxed desktop application bundles.
 Application bundles run partially isolated from the wider system, using
 containerization techniques such as namespaces to prevent direct access
 to system resources. Resources from outside the sandbox can be accessed
 via "portal" services, which are responsible for access control; for
 example, the Documents portal displays an "Open" dialog outside the
 sandbox, then allows the application to access only the selected file.
 .
 Each application uses a specified "runtime", or set of libraries, which is
 available as /usr inside its sandbox. This can be used to run application
 bundles with multiple, potentially incompatible sets of dependencies within
 the same desktop environment.
 .
 This package contains the services and executables needed to install and
 launch sandboxed applications, and the portal services needed to provide
 limited access to resources outside the sandbox.

flatpak-dbgsym: debug symbols for flatpak
flatpak-tests: Application deployment framework for desktop apps (tests)

 Flatpak installs, manages and runs sandboxed desktop application bundles.
 See the flatpak package for a more comprehensive description.
 .
 This package contains automated tests.

flatpak-tests-dbgsym: debug symbols for flatpak-tests
gir1.2-flatpak-1.0: Application deployment framework for desktop apps (introspection)

 Flatpak installs, manages and runs sandboxed desktop application bundles.
 See the flatpak package for a more comprehensive description.
 .
 This package can be used by other packages using the GIRepository format to
 generate dynamic bindings for libflatpak0.

libflatpak-dev: Application deployment framework for desktop apps (development)

 Flatpak installs, manages and runs sandboxed desktop application bundles.
 See the flatpak package for a more comprehensive description.
 .
 This package contains development headers and pkg-config metadata
 for libflatpak0.

libflatpak-doc: Application deployment framework for desktop apps (documentation)

 Flatpak installs, manages and runs sandboxed desktop application bundles.
 See the flatpak package for a more comprehensive description.
 .
 This package contains reference documentation for libflatpak0.

libflatpak0: Application deployment framework for desktop apps (library)

 Flatpak installs, manages and runs sandboxed desktop application bundles.
 See the flatpak package for a more comprehensive description.
 .
 This package contains the flatpak shared library, used by higher level
 package management tools like gnome-software.

libflatpak0-dbgsym: debug symbols for libflatpak0