Overview

File _patchinfo of Package patchinfo.28335

<patchinfo incident="28335">
  <issue tracker="cve" id="2023-28101"/>
  <issue tracker="cve" id="2023-28100"/>
  <issue tracker="bnc" id="1209410">VUL-0: CVE-2023-28101: flatpak: Metadata with ANSI control codes can cause misleading terminal output</issue>
  <issue tracker="bnc" id="1209411">VUL-0: CVE-2023-28100: flatpak: TIOCLINUX can send commands outside sandbox if running on a virtual console</issue>
  <packager>JonathanKang</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for flatpak</summary>
  <description>This update for flatpak fixes the following issues:

- CVE-2023-28101: Fixed misleading terminal output with metadata with ANSI control codes (bsc#1209410).
- CVE-2023-28100: Fixed unsandboxed TIOCLINUX commands (bsc#1209411).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places