Isibuyekezo sokulungisa sethuluzi lokupakisha elizimele le-Flatpak 1.10.2 siyatholakala esilungisa ubungozi (CVE-2021-21381) obungavumela umbhali wephakheji enohlelo lokusebenza ukuthi adlule ukuhlukaniswa kwe-sandbox futhi athole ukufinyelela kumafayela kumsingathi. uhlelo. Inkinga ibilokhu ibonakala kusukela ekukhululweni kuka-0.9.4.
Ukuba sengozini kubangelwa iphutha ekusetshenzisweni komsebenzi wokudlulisa ifayela, okwenza kube nokwenzeka, ngokukhohliswa kwefayela elithi .desktop, ukufinyelela izinsiza kusistimu yefayela yangaphandle engavunyelwe ukufinyelelwa uhlelo lokusebenza olusebenzayo. Lapho wengeza amafayela anomaka "@@" kanye no-"@u" kunkambu ye-Exec, i-flatpak izothatha ngokuthi amafayela aqondiwe ashiwo ngokucacile umsebenzisi futhi izodlulisela ngokuzenzakalelayo ukufinyelela kulawa mafayela ku-sandbox. Ukuba sengozini kungasetshenziswa ababhali bamaphakheji anonya ukuze banikeze ukufinyelela kumafayela angaphandle, naphezu kokubonakala kusebenza kumodi yokuhlukanisa.
Source: opennet.ru