CVE-2024-42472 - 10.0 - Flatpack < 1.14.10 , >= 1.15.0, < 1.15.10 sandbox escape (www.cve.org)

submitted 1 month ago by bishopolis@lemmy.ca to c/sysadmin@lemmy.world

1 comments fedilink hide all child comments

I haven't seen it yet, and this one is near and dear to my heart.

Update your stuff -- this one's been affecting Enterprise Linux for maybe 12 years, versions the distros have long since grown bored of supporting, so essentially every EL install out there. So great.

top 1 comments

sorted by: hot top controversial new old

[-] possiblylinux127@lemmy.zip 1 points 1 month ago

Flatpak has never been considered secure from a sandboxing perspective. If an app wants to cause harm it can do so with or without Flatpak. Do not rely on Flatpak as part of your security model.

Also Flatpak isn't really heavily used in the enterprise. The vast majority of Linux machines are servers.

this post was submitted on 08 Sep 2024

24 points (96.2% liked)

Sysadmin

7630 readers

1 users here now

A community dedicated to the profession of IT Systems Administration

No generic Lemmy issue posts please! Posts about Lemmy belong in one of these communities:
!lemmy@lemmy.ml
!lemmyworld@lemmy.world
!lemmy_support@lemmy.ml
!support@lemmy.world

founded 1 year ago

MODERATORS

DarraignTheSane@lemmy.world

00Lemming@lemmy.world

L3s@lemmy.world