mirror/flatpak
1
0
Fork 0
mirror of https://github.com/flatpak/flatpak.git synced 2026-04-03 14:56:47 -04:00
Code Issues Packages Projects Releases Wiki Activity
Files
1.14.4
flatpak/common
History
Simon McVittie f015f91dc3 run: Prevent TIOCLINUX ioctl, the same as TIOCSTI 
The TIOCLINUX ioctl is only available on Linux virtual consoles such as
/dev/tty1. It has several Linux-specific functions, one of which is a
copy/paste operation which can be used for attacks similar to TIOCSTI.

This vulnerability does not affect typical graphical terminal emulators
such as xterm, gnome-terminal and Konsole, and Flatpak is primarily
designed to be run from a Wayland or X11 graphical environment, so this
is relatively unlikely to be a practical problem.

CVE-2023-28100, GHSA-7qpw-3vjv-xrqp

Resolves: https://github.com/flatpak/flatpak/security/advisories/GHSA-7qpw-3vjv-xrqp
Signed-off-by: Simon McVittie <smcv@debian.org>
2023-03-16 09:55:13 +00:00
..
flatpak-appdata-private.h
flatpak-appdata: Add support for extracting app content ratings
2019-10-03 10:42:04 +02:00
flatpak-appdata.c
Add a vim modeline and .editorconfig
2022-08-22 19:48:10 -07:00
flatpak-auth-private.h
authenticator: Fix sandboxed authenticators
2019-12-19 10:33:21 +01:00
flatpak-auth.c
Add a vim modeline and .editorconfig
2022-08-22 19:48:10 -07:00
flatpak-bundle-ref.c
Add a vim modeline and .editorconfig
2022-08-22 19:48:10 -07:00
flatpak-bundle-ref.h
Add G_BEGIN_DECLS/G_END_DECLS to public headers
2021-02-12 15:58:09 +01:00
flatpak-bwrap-private.h
run: Create a shared XDG_RUNTIME_DIR for each app-ID
2021-04-16 09:13:18 +02:00
flatpak-bwrap.c
Add a vim modeline and .editorconfig
2022-08-22 19:48:10 -07:00
flatpak-chain-input-stream-private.h
Don't use deprecated g_type_class_add_private API
2019-09-19 16:53:11 +00:00
flatpak-chain-input-stream.c
Don't use deprecated g_type_class_add_private API
2019-09-19 16:53:11 +00:00
flatpak-common-types-private.h
Add an option to share the pid namespace with the parent flatpak
2021-01-12 09:55:23 +01:00
flatpak-context-private.h
Add --socket=gpg-agent
2022-08-16 13:29:06 +02:00
flatpak-context.c
Reject paths given to --filesystem/--persist with special characters
2023-03-16 09:55:13 +00:00
flatpak-dir-private.h
dir: If overrides are syntactically invalid, include path in error message
2023-02-21 12:10:11 +00:00
flatpak-dir.c
dir: If metadata is syntactically invalid, say which file is the problem
2023-02-21 12:10:11 +00:00
flatpak-enum-types.c.template
enum-types: Make generated files more reproducible
2022-10-28 13:07:15 +01:00
flatpak-enum-types.h.template
enum-types: Make generated files more reproducible
2022-10-28 13:07:15 +01:00
flatpak-error.c
Run uncrustify
2019-02-25 18:12:30 +00:00
flatpak-error.h
common: Tweak error code docs
2021-02-09 09:36:59 +01:00
flatpak-exports-private.h
exports: Move error handling up into caller
2023-02-10 15:46:03 +00:00
flatpak-exports.c
exports: Don't export parent or ancestor of reserved directories
2023-02-10 15:46:03 +00:00
flatpak-installation-private.h
Export (private) flatpak_installation_get_dir()
2019-10-02 14:57:11 +02:00
flatpak-installation.c
dir: If overrides are syntactically invalid, include path in error message
2023-02-21 12:10:11 +00:00
flatpak-installation.h
flatpak-installation: Fix some typos in documentation comments
2021-06-14 15:30:59 +01:00
flatpak-installed-ref-private.h
installation: Use the FlatpakDecomposed APIs to create FlatpakRef:s
2020-11-05 10:43:10 +01:00
flatpak-installed-ref.c
Add a vim modeline and .editorconfig
2022-08-22 19:48:10 -07:00
flatpak-installed-ref.h
Add G_BEGIN_DECLS/G_END_DECLS to public headers
2021-02-12 15:58:09 +01:00
flatpak-instance-private.h
run: Create a shared XDG_RUNTIME_DIR for each app-ID
2021-04-16 09:13:18 +02:00
flatpak-instance.c
Add a vim modeline and .editorconfig
2022-08-22 19:48:10 -07:00
flatpak-instance.h
Add G_BEGIN_DECLS/G_END_DECLS to public headers
2021-02-12 15:58:09 +01:00
flatpak-json-oci-private.h
oci: Add helpers to parse OCI delta index and manifest
2020-06-05 09:35:30 +02:00
flatpak-json-oci.c
Add a vim modeline and .editorconfig
2022-08-22 19:48:10 -07:00
flatpak-json-private.h
Cache the downloaded registry index in compressed form
2018-08-09 12:49:36 +00:00
flatpak-json.c
Add a vim modeline and .editorconfig
2022-08-22 19:48:10 -07:00
flatpak-oci-registry-private.h
http utils: Make a generic FlatpakHttpSession instead of SoupSession
2022-06-16 13:49:45 +02:00
flatpak-oci-registry.c
Add a vim modeline and .editorconfig
2022-08-22 19:48:10 -07:00
flatpak-parental-controls-private.h
dir: Support filtering app installs/upgrades by user’s OARS settings
2019-10-03 10:42:04 +02:00
flatpak-parental-controls.c
Add a vim modeline and .editorconfig
2022-08-22 19:48:10 -07:00
flatpak-portal-error.c
common: Move flatpak-portal-error.[ch] back to common code
2018-04-26 07:41:17 +00:00
flatpak-portal-error.h
doc: Document FlatpakPortalError
2019-12-01 14:04:59 -05:00
flatpak-progress-private.h
FlatpakProgress: Clean up APIs for handling extra data
2020-03-27 17:23:13 +01:00
flatpak-progress.c
Add a vim modeline and .editorconfig
2022-08-22 19:48:10 -07:00
flatpak-prune-private.h
Add (and use) custom, high-perfomance prune implementation
2021-04-26 10:30:14 +02:00
flatpak-prune.c
Add a vim modeline and .editorconfig
2022-08-22 19:48:10 -07:00
flatpak-ref-utils-private.h
app: Port to libappstream
2022-02-17 08:29:20 -06:00
flatpak-ref-utils.c
Add a vim modeline and .editorconfig
2022-08-22 19:48:10 -07:00
flatpak-ref.c
Add a vim modeline and .editorconfig
2022-08-22 19:48:10 -07:00
flatpak-ref.h
Add G_BEGIN_DECLS/G_END_DECLS to public headers
2021-02-12 15:58:09 +01:00
flatpak-related-ref-private.h
Drop more collection_id use
2020-03-23 17:58:04 +01:00
flatpak-related-ref.c
Add a vim modeline and .editorconfig
2022-08-22 19:48:10 -07:00
flatpak-related-ref.h
Add G_BEGIN_DECLS/G_END_DECLS to public headers
2021-02-12 15:58:09 +01:00
flatpak-remote-private.h
lib: Only support FLATPAK_REMOTE_TYPE_STATIC remote types
2020-03-25 08:52:28 +01:00
flatpak-remote-ref-private.h
installation: Use the FlatpakDecomposed APIs to create FlatpakRef:s
2020-11-05 10:43:10 +01:00
flatpak-remote-ref.c
Add a vim modeline and .editorconfig
2022-08-22 19:48:10 -07:00
flatpak-remote-ref.h
Add G_BEGIN_DECLS/G_END_DECLS to public headers
2021-02-12 15:58:09 +01:00
flatpak-remote.c
Add a vim modeline and .editorconfig
2022-08-22 19:48:10 -07:00
flatpak-remote.h
Add G_BEGIN_DECLS/G_END_DECLS to public headers
2021-02-12 15:58:09 +01:00
flatpak-run-private.h
build: Consistently include libglnx header as "libglnx.h"
2022-04-11 10:32:34 +02:00
flatpak-run.c
run: Prevent TIOCLINUX ioctl, the same as TIOCSTI
2023-03-16 09:55:13 +00:00
flatpak-syscalls-private.h
common: Add a list of recently-added Linux syscalls
2021-10-08 12:53:20 +02:00
flatpak-transaction-private.h
Transaction: Ensure we download the subsummary for the arch of added refs
2021-05-19 09:49:30 +02:00
flatpak-transaction.c
transaction: Ignore uninstall operations for no deploy
2023-02-27 12:21:52 +00:00
flatpak-transaction.h
transaction: Add new API for getting an op by ref
2022-06-15 16:44:17 -07:00
flatpak-uri-private.h
uri: Don't do scheme-based normalization with GLib 2.66.x
2022-10-28 13:07:15 +01:00
flatpak-uri.c
uri: Don't rely on g_time_zone_new_offset()
2022-10-28 13:07:15 +01:00
flatpak-utils-base-private.h
common: Add a backport of G_DBUS_METHOD_INVOCATION_HANDLED
2020-12-09 08:34:19 +01:00
flatpak-utils-base.c
Add a vim modeline and .editorconfig
2022-08-22 19:48:10 -07:00
flatpak-utils-http-private.h
Move all use of soup APIs into flatpak-utils-http
2022-06-16 13:49:45 +02:00
flatpak-utils-http.c
flatpak-utils-http: check for HTTP2 support before trying to use it
2022-10-28 13:07:15 +01:00
flatpak-utils-private.h
Reject paths given to --filesystem/--persist with special characters
2023-03-16 09:55:13 +00:00
flatpak-utils.c
Reject paths given to --filesystem/--persist with special characters
2023-03-16 09:55:13 +00:00
flatpak-version-macros.h.in
doc: Fix a duplicate section
2019-12-02 07:45:51 -05:00
flatpak-zstd-decompressor-private.h
Add FlatpakZstdDecompressor converter (and libzstd dep)
2020-06-05 09:35:30 +02:00
flatpak-zstd-decompressor.c
oci: Make libzstd optional (and disable OCI deltas if not there)
2020-06-05 09:35:30 +02:00
flatpak.c
Merge lib/* into common
2018-05-24 11:59:52 +00:00
flatpak.h
Make FlatpakInstance api public
2018-10-08 08:36:23 +00:00
Makefile.am.inc
http: Support curl
2022-06-16 13:49:45 +02:00
test-lib.c
build: Consistently include libglnx header as "libglnx.h"
2022-04-11 10:32:34 +02:00
valgrind-private.h
Fix misspellings
2019-04-08 12:50:42 +00:00