diff options
| author | Gyorgy Sarvari <skandigraun@gmail.com> | 2026-04-13 20:02:23 +0200 |
|---|---|---|
| committer | Khem Raj <khem.raj@oss.qualcomm.com> | 2026-04-13 15:28:24 -0700 |
| commit | 15b3c0f141be8f28029b6d59880435591efe0669 (patch) | |
| tree | cb8886c6c7217e26286019eedf5b2bb261363fbf /meta-python/recipes-devtools/python/python3-robotframework-seriallibrary | |
| parent | 85f7185fec42b9aba670ed518e8f5afa5d0def96 (diff) | |
| download | meta-openembedded-15b3c0f141be8f28029b6d59880435591efe0669.tar.gz | |
flatpak: upgrade 1.17.3 -> 1.17.6
Contains fixes for CVE-2026-34078 and CVE-2026-34079
Add explicit CVE_STATUS tags for these CVEs, because they are tracked
without version info by NVD at this time.
Changelog:
17.6:
Bug fixes:
- Fix the remaining regression for Chromium based browsers by not leaking file
descriptors down to wrapped command
- Fix a regression when installing extra-data without a runtime, which is the
case for openh264
- Fix the remaining regression for Epiphany by ignoring unusable sandbox-expose
paths for sub-sandboxes in the portal
- Fix the installed tests by allowing to add a new ref to an existing temporary
ostree repo
- Avoid closing fds 0/1/2 when they are used as a bad argument to flatpak-run,
and reduce duplication in handling file descriptor arguments
Enhancements:
- Disable auto-pin in flatpak-repair to preserve the pin state across
re-installs
- Small improvements for the tests
17.5:
Bug fixes:
- Fix regressions caused by the sandbox escape security fix, which impact some
browsers, browser-based apps and Steam (#6577, #6569, #6576, #6574)
Enhancements:
- Expand test coverage of flatpak-run features used by flatpak-portal (#6573)
17.4:
Security fixes:
- Fix a complete sandbox escape which leads to host file access and code
execution in the host context (CVE-2026-34078)
- Prevent arbitrary file deletion on the host filesystem (CVE-2026-34079)
- Prevent arbitrary read-access to files in the system-helper context
(GHSA-2fxp-43j9-pwvc)
- Prevent orphaning cross-user pull operations (GHSA-89xm-3m96-w3jg)
Enhancements:
- Enable ntsync unconditionally
- Automatic branch following for extensions to ensure that "no-autodownload"
extensions stay functional after an update that requires a new branch
- Translation updates: eo, kk, sr, zh_CN
Bug fixes:
- Prevent CPR sequence from showing up in the terminal
- Fix a crash for apps/runtimes with multiarch permission
- Fixes for Coverity warnings
- Add test-preinstall.sh to the test matrix source
- Fix a test message to refer to "systemd-localed" instead of "located"
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Diffstat (limited to 'meta-python/recipes-devtools/python/python3-robotframework-seriallibrary')
0 files changed, 0 insertions, 0 deletions