[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
01/01: gnu: Flatpak: Update to 1.2.3 [security fixes].
|
From: |
guix-commits |
|
Subject: |
01/01: gnu: Flatpak: Update to 1.2.3 [security fixes]. |
|
Date: |
Tue, 12 Feb 2019 17:14:27 -0500 (EST) |
lfam pushed a commit to branch master
in repository guix.
commit e2760d1a8b7308eb284f5bf04b133cee7f58bbe0
Author: Leo Famulari <address@hidden>
Date: Tue Feb 12 17:12:18 2019 -0500
gnu: Flatpak: Update to 1.2.3 [security fixes].
From 'NEWS' in the source distribution:
The CVE-2019-5736 runc vulnerability is about using /proc/self/exe
to modify the host side binary from the sandbox. This mostly does not
affect flatpak since the flatpak sandbox is not run with root permissions.
However, there is one case (running the apply_extra script for system
installs) where this happens, so this release contains a fix for that.
* Don't expose /proc in apply_extra script sandbox.
* gnu/packages/package-management.scm (flatpak): Update to 1.2.3.
---
gnu/packages/package-management.scm | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/gnu/packages/package-management.scm
b/gnu/packages/package-management.scm
index 587d028..af9667c 100644
--- a/gnu/packages/package-management.scm
+++ b/gnu/packages/package-management.scm
@@ -952,7 +952,7 @@ the bootloader configuration.")
(define-public flatpak
(package
(name "flatpak")
- (version "1.2.0")
+ (version "1.2.3")
(source
(origin
(method url-fetch)
@@ -960,7 +960,7 @@ the bootloader configuration.")
version "/flatpak-" version ".tar.xz"))
(sha256
(base32
- "1bdk6qmsvy4d80245x1si9qvrga2f2yalj9qfmf1lqj5ljxxxifv"))))
+ "0i0dn3w3545lvmjlzqj3j70lk8yrq64r9frp1rk6a161gwq20ixv"))))
(build-system gnu-build-system)
(arguments
'(#:tests? #f ;; Tests fail due to trying to create files where it can't.