Debian Patches
Status for bubblewrap/0.11.0-2+deb13u1
| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| CVE-2026-41163/Don-t-run-the-privilege-separated-code-dumpable.patch | Don't run the privilege separated code dumpable If the unprivileged code is dumpable, then it can be attached to with ptrace and execute arbitrary requests to the privileged part of the setup. In some cases this allows privilege escalation, such as using overlay mounts which would otherwise not be allowed in setuid mode. dumpable, because otherwise the owner of /proc/self is root which makes these processed not able to use features that are needed for e.g. detarmining portal access. Initially reported by François Diakhate <fdiakh@gmail.com> |
Alexander Larsson <alexl@redhat.com> | yes | debian upstream | upstream, 0.11.2, commit:10ed62f34a4565188887b06df1438ef8002c3c80 | 2026-04-14 |
| CVE-2026-41163/fix-harden-privsep-parent-against-unexpected-operations.patch | fix: harden privsep parent against unexpected operations | François Diakhaté <fdiakh@gmail.com> | yes | debian upstream | upstream, 0.11.2, commit:9e16c35582af7704958dd2b2ec3cba524c9605b6 | 2026-04-09 |
| debian/Change-EPERM-error-message-to-show-Debian-specific-inform.patch | Change EPERM error message to show Debian-specific information | Simon McVittie <smcv@debian.org> | not-needed | 2021-01-01 |
All known versions for source package 'bubblewrap'
- 0.11.2-2 (sid)
- 0.11.2-1 (forky)
- 0.11.0-2+deb13u1 (trixie)
- 0.8.0-2+deb12u1 (bookworm-security, bookworm)