Security update for flatpak
This update for flatpak fixes the following issues:
Security issues fixed:
- CVE-2019-8308: Fixed a potential sandbox escape via /proc (bsc#1125431).
- CVE-2019-11460: Fixed a compromised thumbnailer may escape the bubblewrap sandbox used to confine thumbnailers by using the TIOCSTI ioctl (bsc#1133043).
- CVE-2019-11461: Fixed a compromised thumbnailer may escape the bubblewrap sandbox used to confine thumbnailers by using the TIOCSTI ioctl (bsc#1133041).
This update was imported from the SUSE:SLE-15:Update update project.
- Submitted by Qiang Zheng (zhengqiang)
Fixed bugs
bnc#1125431
VUL-0: CVE-2019-8308: flatpak: potential /proc based sandbox escape
bnc#1133043
VUL-1: CVE-2019-11460: gnome-desktop: A compromised thumbnailer may escape the bubblewrap sandbox used to confine thumbnailer
bnc#1133041
VUL-1: CVE-2019-11461: nautilus: A compromised thumbnailer may escape the bubblewrap sandbox used to confine thumbnailers by using the TIOCSTI ioctl to