Scientific Linux alert SLSA-2019:0375-1 (flatpak)


From:
               Scott Reid <svreid@fnal.gov> 
To:
               <scientific-linux-errata@listserv.fnal.gov> 
Subject:
               Security ERRATA Important: flatpak on SL7.x x86_64 
Date:
               Thu, 21 Feb 2019 20:14:15 +0000
Message-ID:
               <20190221201415.6310.55101@slpackages.fnal.gov>
Synopsis:          Important: flatpak security update
Advisory ID:       SLSA-2019:0375-1
Issue Date:        2019-02-21
CVE Numbers:       CVE-2019-8308
--

Security Fix(es):

* flatpak: potential /proc based sandbox escape (CVE-2019-8308)
--

SL7
  x86_64
    flatpak-1.0.2-4.el7_6.x86_64.rpm
    flatpak-builder-1.0.0-4.el7_6.x86_64.rpm
    flatpak-debuginfo-1.0.2-4.el7_6.x86_64.rpm
    flatpak-devel-1.0.2-4.el7_6.x86_64.rpm
    flatpak-libs-1.0.2-4.el7_6.x86_64.rpm
    firefox-60.5.1-1.el7_6.i686.rpm
    firefox-60.5.1-1.el7_6.x86_64.rpm
    firefox-debuginfo-60.5.1-1.el7_6.i686.rpm
    firefox-debuginfo-60.5.1-1.el7_6.x86_64.rpm

- Scientific Linux Development Team

From:		Scott Reid <svreid@fnal.gov>
To:		<scientific-linux-errata@listserv.fnal.gov>
Subject:		Security ERRATA Important: flatpak on SL7.x x86_64
Date:		Thu, 21 Feb 2019 20:14:15 +0000
Message-ID:		<20190221201415.6310.55101@slpackages.fnal.gov>