gnu: Flatpak: Update to 1.2.3 [security fixes].
From 'NEWS' in the source distribution: The CVE-2019-5736 runc vulnerability is about using /proc/self/exe to modify the host side binary from the sandbox. This mostly does not affect flatpak since the flatpak sandbox is not run with root permissions. However, there is one case (running the apply_extra script for system installs) where this happens, so this release contains a fix for that. * Don't expose /proc in apply_extra script sandbox. * gnu/packages/package-management.scm (flatpak): Update to 1.2.3.
This commit is contained in:
parent
dbf87ecb52
commit
e2760d1a8b
|
@ -952,7 +952,7 @@ the bootloader configuration.")
|
||||||
(define-public flatpak
|
(define-public flatpak
|
||||||
(package
|
(package
|
||||||
(name "flatpak")
|
(name "flatpak")
|
||||||
(version "1.2.0")
|
(version "1.2.3")
|
||||||
(source
|
(source
|
||||||
(origin
|
(origin
|
||||||
(method url-fetch)
|
(method url-fetch)
|
||||||
|
@ -960,7 +960,7 @@ the bootloader configuration.")
|
||||||
version "/flatpak-" version ".tar.xz"))
|
version "/flatpak-" version ".tar.xz"))
|
||||||
(sha256
|
(sha256
|
||||||
(base32
|
(base32
|
||||||
"1bdk6qmsvy4d80245x1si9qvrga2f2yalj9qfmf1lqj5ljxxxifv"))))
|
"0i0dn3w3545lvmjlzqj3j70lk8yrq64r9frp1rk6a161gwq20ixv"))))
|
||||||
(build-system gnu-build-system)
|
(build-system gnu-build-system)
|
||||||
(arguments
|
(arguments
|
||||||
'(#:tests? #f ;; Tests fail due to trying to create files where it can't.
|
'(#:tests? #f ;; Tests fail due to trying to create files where it can't.
|
||||||
|
|
Loading…
Reference in New Issue