Release date:
2026-04-23 12:57:16 UTC
Description:
- CVE-2026-34079: restrict cached-file removal to alphanumeric targets in
flatpak_switch_symlink_and_remove to prevent path-traversal unlink via a
sandboxed-app-controlled symlink
Updated packages:
-
flatpak-1.12.7-2.el9.tuxcare.els5.i686.rpm
sha:f1c83660c15fcfa85890b9f53decc48bb93cbb13dd78e7c2a0d265fc631532c0
-
flatpak-1.12.7-2.el9.tuxcare.els5.x86_64.rpm
sha:4606cb393a2fca2ebc9486178378b2ebe1dfc27b90e3a444b4160c13fc70af39
-
flatpak-devel-1.12.7-2.el9.tuxcare.els5.i686.rpm
sha:25be35f3849b28801fe58dd8e33fb26126c0e6bc20803d027cad6fcd06601418
-
flatpak-devel-1.12.7-2.el9.tuxcare.els5.x86_64.rpm
sha:9447e33c807271652d3f16a572ce6f2c44ecee9e2df65ac7d6bda0a25c2f1235
-
flatpak-libs-1.12.7-2.el9.tuxcare.els5.i686.rpm
sha:9d68bb1fbc1ca46f39848648e57b64a548006f09a49a8b17a9294f34d26e4451
-
flatpak-libs-1.12.7-2.el9.tuxcare.els5.x86_64.rpm
sha:dedad476f63ac1f3057ee6369ff37fc82215a4c7695a2c6c270887392691e304
-
flatpak-selinux-1.12.7-2.el9.tuxcare.els5.noarch.rpm
sha:512e6f9e08063bce34d968786d6279351881cba087a8b17c7900ccfe591ebe0e
-
flatpak-session-helper-1.12.7-2.el9.tuxcare.els5.i686.rpm
sha:8d7461379d14b5556a69a7fbd370aa18cb08ba7a573f6081d5f105cc0321bd04
-
flatpak-session-helper-1.12.7-2.el9.tuxcare.els5.x86_64.rpm
sha:3890855eed13e736a4058ac14237d004ad3e11c04796fe2b62f63b2b91ab7156
-
flatpak-tests-1.12.7-2.el9.tuxcare.els5.x86_64.rpm
sha:a5c6d4db9550240d630d93c55eb76b6d77e5096d36d0bf711b3fcda319a91587
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
