Announce: Flatpak 0.8.9 (old stable)
Alexander Larsson
alexl at redhat.com
Tue Jan 30 13:54:27 UTC 2018
This is a security fix release that fixes a sandbox escape in the
flatpak dbus proxy. This issue was found by Gabriel Campana of The
Google Security Team.
Flatpak 0.8.x is the previous stable series, and I recommend everyone
that can to use the new 0.10.x stable series instead. However, if you
are unable to update, here is an update for the stable series which i
recommend everyone using 0.8 to update to.
https://github.com/flatpak/flatpak/releases/tag/0.8.9
$ sha256sum flatpak-0.8.9.tar.xz
9df2823e12461c96c87d1e3cadf49963b5fefb6be8ad04dafb84c58b8bcbbf50
flatpak-0.8.9.tar.xz
Major changes in 0.8.9
======================
* Fix dbus proxy vulnerability in authentication phase
* Make permission handling ignore unknown permissions for forwards
compatibility
* Improved profile snippet
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Alexander Larsson Red Hat, Inc
alexl at redhat.com alexander.larsson at gmail.com
More information about the Flatpak
mailing list