flatpak 1.6.5-0ubuntu0.3 source package in Ubuntu
Changelog
flatpak (1.6.5-0ubuntu0.3) focal-security; urgency=medium * SECURITY UPDATE: Flatpak sandbox escape via crafted .desktop file (LP: #1918482) - debian/patches/CVE-2021-21381-1.patch: Disallow @@ and @@u usage in desktop files. - debian/patches/CVE-2021-21381-2.patch: dir: Reserve the whole @@ prefix. - debian/patches/CVE-2021-21381-3.patch: dir: Refuse to export .desktop files with suspicious uses. - CVE-2021-21381 -- Andrew Hayzen <email address hidden> Fri, 05 Mar 2021 22:21:25 +0000
Upload details
- Uploaded by:
- Andrew Hayzen
- Sponsored by:
- Steve Beattie
- Uploaded to:
- Focal
- Original maintainer:
- Ubuntu Developers
- Architectures:
- linux-any all
- Section:
- admin
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
flatpak_1.6.5.orig.tar.xz | 1.3 MiB | 8109ffb6a3e9bfc5dcf8999c9243b21596489f77d866b848169d50c0627f14db |
flatpak_1.6.5-0ubuntu0.3.debian.tar.xz | 35.6 KiB | 714b23c875f3a81849833168e2ff781b00981f0bc3f315ed4e3e12583260dd90 |
flatpak_1.6.5-0ubuntu0.3.dsc | 3.4 KiB | 431eee5de22e28e9a77d532bbe9c328db956f41d552165deb2c7ef56d378d575 |
Available diffs
Binary packages built by this source
- flatpak: Application deployment framework for desktop apps
Flatpak installs, manages and runs sandboxed desktop application bundles.
Application bundles run partially isolated from the wider system, using
containerization techniques such as namespaces to prevent direct access
to system resources. Resources from outside the sandbox can be accessed
via "portal" services, which are responsible for access control; for
example, the Documents portal displays an "Open" dialog outside the
sandbox, then allows the application to access only the selected file.
.
Each application uses a specified "runtime", or set of libraries, which is
available as /usr inside its sandbox. This can be used to run application
bundles with multiple, potentially incompatible sets of dependencies within
the same desktop environment.
.
This package contains the services and executables needed to install and
launch sandboxed applications, and the portal services needed to provide
limited access to resources outside the sandbox.
- flatpak-dbgsym: debug symbols for flatpak
- flatpak-tests: Application deployment framework for desktop apps (tests)
Flatpak installs, manages and runs sandboxed desktop application bundles.
See the flatpak package for a more comprehensive description.
.
This package contains automated tests.
- flatpak-tests-dbgsym: debug symbols for flatpak-tests
- gir1.2-flatpak-1.0: Application deployment framework for desktop apps (introspection)
Flatpak installs, manages and runs sandboxed desktop application bundles.
See the flatpak package for a more comprehensive description.
.
This package can be used by other packages using the GIRepository format to
generate dynamic bindings for libflatpak0.
- libflatpak-dev: Application deployment framework for desktop apps (development)
Flatpak installs, manages and runs sandboxed desktop application bundles.
See the flatpak package for a more comprehensive description.
.
This package contains development headers and pkg-config metadata
for libflatpak0.
- libflatpak-doc: Application deployment framework for desktop apps (documentation)
Flatpak installs, manages and runs sandboxed desktop application bundles.
See the flatpak package for a more comprehensive description.
.
This package contains reference documentation for libflatpak0.
- libflatpak0: Application deployment framework for desktop apps (library)
Flatpak installs, manages and runs sandboxed desktop application bundles.
See the flatpak package for a more comprehensive description.
.
This package contains the flatpak shared library, used by higher level
package management tools like gnome-software.
- libflatpak0-dbgsym: debug symbols for libflatpak0