Anton Lydike discovered that Flatpak did not properly handle special tokens in desktop files. An attacker could use this to specially craft a Flatpak application that could escape sandbox confinement.
{ "availability": "No subscription required", "binaries": [ { "gir1.2-flatpak-1.0": "1.0.9-0ubuntu0.3", "flatpak-tests": "1.0.9-0ubuntu0.3", "libflatpak0": "1.0.9-0ubuntu0.3", "libflatpak0-dbgsym": "1.0.9-0ubuntu0.3", "flatpak": "1.0.9-0ubuntu0.3", "flatpak-tests-dbgsym": "1.0.9-0ubuntu0.3", "libflatpak-doc": "1.0.9-0ubuntu0.3", "libflatpak-dev": "1.0.9-0ubuntu0.3", "flatpak-dbgsym": "1.0.9-0ubuntu0.3" } ] }
{ "availability": "No subscription required", "binaries": [ { "gir1.2-flatpak-1.0": "1.6.5-0ubuntu0.3", "flatpak-tests": "1.6.5-0ubuntu0.3", "libflatpak0": "1.6.5-0ubuntu0.3", "libflatpak0-dbgsym": "1.6.5-0ubuntu0.3", "flatpak": "1.6.5-0ubuntu0.3", "flatpak-tests-dbgsym": "1.6.5-0ubuntu0.3", "libflatpak-doc": "1.6.5-0ubuntu0.3", "libflatpak-dev": "1.6.5-0ubuntu0.3", "flatpak-dbgsym": "1.6.5-0ubuntu0.3" } ] }