Skip to content
Compare
Choose a tag to compare

Release 1.8.5

@alexlarsson alexlarsson released this
1.8.5
Compare
Choose a tag to compare

This is a security update that fixes a sandbox escape where a
malicious application can execute code outside the sandbox
by controlling the environment of the "flatpak run" command
when spawning a sub-sandbox.

See the advisory for details:
GHSA-4ppf-fxf6-vxg2

$ sha256sum flatpak-1.8.5.tar.xz 
338dc47398ef0b9bd95d14b6a321f6ee4d9ae53fdb06dc0f8901d6440319d47c  flatpak-1.8.5.tar.xz