[CLSA-2026:1781603962] flatpak: Fix of CVE-2026-34078
Type:
security
Severity:
Critical
Release date:
2026-06-16 10:22:59 UTC
Description:
- fix CVE-2026-34078 flatpak: Arbitrary code execution via crafted symlinks in sandbox-expose options
CVEs fixed:
Updated packages:
  • flatpak-1.12.9-4.el9_6.tuxcare.els2.i686.rpm
    sha:88b5fd02a9a8f3c5d6042217d982118e11c773908533e571ff42c5572fce7ee7
  • flatpak-1.12.9-4.el9_6.tuxcare.els2.x86_64.rpm
    sha:c1c0bb9985dbc14371baa6d4011a47c11a59927ba5bc9fa43814c8580952a84b
  • flatpak-devel-1.12.9-4.el9_6.tuxcare.els2.i686.rpm
    sha:0aafc924c79ff4f72f5418cee35a87031af9d937d8d393621965df96d29d8a6d
  • flatpak-devel-1.12.9-4.el9_6.tuxcare.els2.x86_64.rpm
    sha:a1986b3d5062ee994231788ed8519df108b0ff6d66f2a9ee8732a90a8b6b5a51
  • flatpak-libs-1.12.9-4.el9_6.tuxcare.els2.i686.rpm
    sha:f2e4932a36c40ece528a267f3843c91af2f77e19e4ee205aacb142d690c1afd0
  • flatpak-libs-1.12.9-4.el9_6.tuxcare.els2.x86_64.rpm
    sha:f7962cb07c306430fbea617b4a2e0352d33d9f0677a0075ce13b9584d429916b
  • flatpak-selinux-1.12.9-4.el9_6.tuxcare.els2.noarch.rpm
    sha:724665ba0ccfd41f98f9d1ae641ae6da4c9caa5c9d7272b32e23987fdd11e576
  • flatpak-session-helper-1.12.9-4.el9_6.tuxcare.els2.i686.rpm
    sha:7dfdf5c64faae96a810f37c3530ffb7772ea82fa61858fcf0bf7a8de26f69f01
  • flatpak-session-helper-1.12.9-4.el9_6.tuxcare.els2.x86_64.rpm
    sha:95ca5f4c9c06b13d6ffb3b80aca4d1c081f48218de1b995130923623a80d8577
  • flatpak-tests-1.12.9-4.el9_6.tuxcare.els2.x86_64.rpm
    sha:e6a31a1b483f4a87ea5619d9ba2f45b58d1d7e4c1cfb08e080773dbf21639928
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.