Overview

File _patchinfo of Package patchinfo.11267

<patchinfo incident="11267">
  <issue tracker="cve" id="2019-11460"/>
  <issue tracker="cve" id="2019-8308"/>
  <issue tracker="cve" id="2019-11461"/>
  <issue tracker="bnc" id="1125431">VUL-0: CVE-2019-8308: flatpak: potential /proc based sandbox escape</issue>
  <issue tracker="bnc" id="1133043">VUL-1: CVE-2019-11460: gnome-desktop: A compromised thumbnailer may escape the bubblewrap sandbox used to confine thumbnailer</issue>
  <issue tracker="bnc" id="1133041">VUL-1: CVE-2019-11461: nautilus: A compromised thumbnailer may escape the bubblewrap sandbox used to confine thumbnailers by using the TIOCSTI ioctl to</issue>
  <category>security</category>
  <rating>moderate</rating>
  <packager>zhengqiang</packager>
  <description>This update for flatpak fixes the following issues:

Security issues fixed:

- CVE-2019-8308: Fixed a potential sandbox escape via /proc (bsc#1125431).
- CVE-2019-11460: Fixed a compromised thumbnailer may escape the bubblewrap sandbox used to confine thumbnailers by using the TIOCSTI ioctl (bsc#1133043).
- CVE-2019-11461: Fixed a compromised thumbnailer may escape the bubblewrap sandbox used to confine thumbnailers by using the TIOCSTI ioctl (bsc#1133041).
</description>
  <summary>Security update for flatpak</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places