Flatpak 1.10.2 update fixes sandbox isolation vulnerability
A corrective update to the toolkit for creating self-contained packages Flatpak 1.10.2 is available, which eliminates a vulnerability (CVE-2021-21381) that allows the author of a package with an application to bypass the sandbox isolation mode and gain access to files on the main system. The problem has been appearing since release 0.9.4. The vulnerability is caused by an error in the implementation of the file forwarding function, which allows […]