diff options
| author | Markus Volk <f_l_k@t-online.de> | 2024-08-21 10:35:25 +0200 |
|---|---|---|
| committer | Khem Raj <raj.khem@gmail.com> | 2024-08-21 08:45:47 -0700 |
| commit | 0edc4266acdd5d06e89c6f2491f511877910b455 (patch) | |
| tree | a9b6ec27fd985d915527214dec244f2cab301642 /meta-python/recipes-devtools/python/python-rfc3986-validator | |
| parent | 8d0b921fb6ec8e46bd1fc5c5f1f3fcb63a313915 (diff) | |
| download | meta-openembedded-0edc4266acdd5d06e89c6f2491f511877910b455.tar.gz | |
flatpak: update 1.15.9 -> 1.15.10
Dependencies:
In distributions that compile Flatpak to use a separate bubblewrap (bwrap) executable, version 0.10.0 is required.
This version adds a new feature which is required by the security fix in this release.
Security fixes:
Don't follow symbolic links when mounting persistent directories (--persist option). This prevents a sandbox escape where a malicious or compromised app could edit the symlink to point to a directory that the app should not have been allowed to read or write. (CVE-2024-42472, GHSA-7hgv-f2j8-xw87)
Documentation:
Mark the 1.12.x and 1.10.x branches as end-of-life (#5352)
Other bug fixes:
Fix several memory leaks (#5883, #5884)
Internal changes:
Record a log file when running build-time tests with AddressSanitizer (#5884)
Add initial suppressions file for AddressSanitizer (#5884)
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Diffstat (limited to 'meta-python/recipes-devtools/python/python-rfc3986-validator')
0 files changed, 0 insertions, 0 deletions