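Vulnerability Details
Flatpak Injection Vulnerability
Vulnerability Summary
Flatpak is an application virtualization system for Linux desktop computing environments.
Flatpak contains an injection vulnerability. It stems from flatpak-portal allowing sandboxed applications to execute arbitrary code on the host system (sandbox escape).
Vulnerability Advisory
The vendor has released an upgrade patch that fixes the vulnerability. Patch link: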
https://github.com/flatpak/flatpak/commit/fb1eaefbceeb73f02eb1bc85865d74a414faf8b8
References
Source: DEBIAN
Link: https://www.debian.org/security/2021/dsa-4830
Source: MISC
Link: https://github.com/flatpak/flatpak/commit/6a11007021658518c088ba0cc5e4da27962a940a
Source: MISC
Link: https://github.com/flatpak/flatpak/commit/57416f380600d9754df12baf5b227144ff1bb54d
Source: MISC
Link: https://github.com/flatpak/flatpak/releases/tag/1.8.5
Source: MISC
Link: https://github.com/flatpak/flatpak/commit/cc1401043c075268ecc652eac557ef8076b5eaba
Source: MISC
Link: https://github.com/flatpak/flatpak/commit/6d1773d2a54dde9b099043f07a2094a4f1c2f486
Source: GENTOO
Link: https://security.gentoo.org/glsa/202101-21
Source: MISC
Link: https://github.com/flatpak/flatpak/commit/aeb6a7ab0abaac4a8f4ad98b3df476d9de6b8bd4
Source: MISC
Link: https://github.com/flatpak/flatpak/commit/dcd24941c7087c5f7e8033abe50b178ac02a34af
Source: MISC
Link: https://github.com/flatpak/flatpak/commit/fb1eaefbceeb73f02eb1bc85865d74a414faf8b8
Source: CONFIRM
Link: https://github.com/flatpak/flatpak/security/advisories/GHSA-4ppf-fxf6-vxg2
Source: MISC
Link: https://github.com/flatpak/flatpak/commit/6e5ae7a109cdfa9735ea7ccbd8cb79f9e8d3ae8b
Source: www.auscert.org.au
Link: https://www.auscert.org.au/bulletins/ESB-2021.1186
Source: packetstormsecurity.com
Link: https://packetstormsecurity.com/files/161093/Gentoo-Linux-Security-Advisory-202101-21.html
Source: vigilance.fr
Link: https://vigilance.fr/vulnerability/Flatpak-code-execution-via-flatpak-portal-34445
Source: www.auscert.org.au
Link: https://www.auscert.org.au/bulletins/ESB-2021.0341/
Source: packetstormsecurity.com
Link: https://packetstormsecurity.com/files/161212/Red-Hat-Security-Advisory-2021-0307-01.html
Source: nvd.nist.gov
Link: https://nvd.nist.gov/vuln/detail/CVE-2021-21261
Source: packetstormsecurity.com
Link: https://packetstormsecurity.com/files/161289/Ubuntu-Security-Notice-USN-4721-1.html
Source: www.auscert.org.au
Link: https://www.auscert.org.au/bulletins/ESB-2021.0416
Affected Entities
None at present
Patches
- Remediation for the Flatpak injection vulnerability (2021-1-14)