O loʻo avanoa faʻafouga faʻasaʻo i le pusa meafaigaluega e fatu ai pusa Flatpak 1.14.4, 1.12.8, 1.10.8 ma 1.15.4, lea e faʻaleleia ai ni faʻafitauli se lua:
- CVE-2023-28100 - le mafai ona kopi ma sui tusitusiga i totonu o le virtual console input buffer e ala i le faʻaogaina o le TIOCLINUX ioctl pe a faʻapipiʻi se afifi flatpak saunia e se osofaʻiga. Mo se faʻataʻitaʻiga, e mafai ona faʻaogaina le faʻafitauli e faʻalauiloa ai tulafono faʻapitoa i totonu o le faʻamafanafanaga pe a maeʻa le faʻapipiʻiina o se pusa lona tolu. O le faʻafitauli e faʻaalia i le faʻamafanafanaga masani masani (/ dev / tty1, / dev / tty2, ma isi) ma e le aʻafia ai sauniga i le xterm, gnome-terminal, Konsole ma isi faʻailoga faʻailoga. O le faʻafitauli e le faʻapitoa i flatpak ma e mafai ona faʻaaogaina e osofaʻia ai isi talosaga, mo se faʻataʻitaʻiga, o faʻafitauli tutusa muamua na faʻatagaina ai le suia o uiga e ala i le TIOCSTI ioctl interface na maua i / bin / sandbox ma snap.
- CVE-2023-28101 - E mafai ona faʻaogaina faʻasologa o le sola i se lisi o faʻatagaga i metadata pusa e nana ai faʻamatalaga faʻamatalaga faʻamatalaga e uiga i faʻatagaga faʻalautele talosaga i le taimi o le faʻapipiʻiina poʻo le faʻafouina o se afifi e ala i le laina laina faʻatonuga. E mafai e tagata osofaʻi ona faʻaogaina lenei faʻafitauli e faʻasesē ai tagata faʻaoga e uiga i faʻamaoniga o loʻo faʻaogaina i totonu o le afifi. GUI mo le faʻapipiʻiina o pusa Flatpak, e pei ole GNOME Software ma KDE Plasma Discover, e le afaina i lenei mataupu.
puna: opennet.ru