Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 937948 - sys-apps/bubblewrap: Version bump to 0.10.0 required for flatpak-1.14.10 (related to CVE bug 937936)
Summary: sys-apps/bubblewrap: Version bump to 0.10.0 required for flatpak-1.14.10 (rel...
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: Normal normal
Assignee: Gentoo Linux Gnome Desktop Team
URL:
Whiteboard:
Keywords: PullRequest
Depends on:
Blocks: CVE-2024-42472
  Show dependency tree
 
Reported: 2024-08-15 03:50 UTC by Zac Medico
Modified: 2024-08-17 19:09 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Zac Medico gentoo-dev 2024-08-15 03:50:37 UTC 
Hi, we'll need a sys-apps/bubblewrap-0.10.0 bump for this --bind-fd support:

https://github.com/containers/bubblewrap/commit/a253257cd298892da43e15201d83f9a02c9b58b5

The --bind-fd option is used in the CVE fixing commit related to bug 937936:

https://github.com/flatpak/flatpak/commit/6bd603f6836e9b38b9b937d3b78f3fbf36e7ff75
Comment 1 Larry the Git Cow gentoo-dev 2024-08-17 19:09:52 UTC 
The bug has been closed via the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8f1e7595b04f04ffc3ea15c69f895a57ec39ad31

commit 8f1e7595b04f04ffc3ea15c69f895a57ec39ad31
Author:     Zac Medico <zmedico@gentoo.org>
AuthorDate: 2024-08-15 04:01:53 +0000
Commit:     Arthur Zamarin <arthurzam@gentoo.org>
CommitDate: 2024-08-17 18:59:00 +0000

    sys-apps/bubblewrap: add 0.10.0
    
    Closes: https://bugs.gentoo.org/937948
    Signed-off-by: Zac Medico <zmedico@gentoo.org>
    Signed-off-by: Arthur Zamarin <arthurzam@gentoo.org>

 sys-apps/bubblewrap/Manifest                 |  1 +
 sys-apps/bubblewrap/bubblewrap-0.10.0.ebuild | 58 ++++++++++++++++++++++++++++
 2 files changed, 59 insertions(+)