Update NEWS for release

This commit is contained in:
Alexander Larsson
2019-03-27 10:13:54 +01:00
parent 2ca524eaf5
commit 46db23ba55

13
NEWS

@@ -1,6 +1,19 @@
Changes in 1.0.8
================
This release fixes CVE-2019-10063.
It has been discovered that the previous fix for CVE-2017-5226, which uses
seccomp to prevent sandboxed apps from using the (dangerous) TIOCSTI ioctl
was only incomplete on 64bit arches. This is now fixed.
* seccomp: Only compare the low 32bit of the TIOCSTI ioctl args.
Changes in 1.0.7
================
This release fixes CVE-2019-8308.
The CVE-2019-5736 runc vulnerability is about using /proc/self/exe
to modify the host side binary from the sandbox. This mostly does not
affect flatpak since the flatpak sandbox is not run with root permissions.
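Review bot: In the 1.0.8 entry, "was only incomplete on 64bit arches" is ambiguous wording for a security notice. It reads as if it plays the problem down, when the point is that the CVE-2017-5226 fix did not hold on 64-bit architectures. Suggest "was incomplete on 64-bit arches". The bullet "Only compare the low 32bit of the TIOCSTI ioctl args" should read "low 32 bits", and it would help packagers if the entry said in one clause why the upper bits matter, since the text gives the remedy but not the reason the earlier seccomp comparison could be bypassed. The entry also does not say which releases carry the incomplete fix, so a reader cannot tell from NEWS alone whether their version needs the update.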