[Apollo] Advisories Statistics light light Login

RLSA-2026:21756

Security Mirrored from RHSA-2026:21756
Issued at: 2026-05-29
Updated at: 2026-05-29

Synopsis

Important: flatpak security update



Description

Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux.

Security Fix(es):

* flatpak: Flatpak: Arbitrary code execution via crafted symlinks in sandbox-expose options (CVE-2026-34078)

* flatpak: Flatpak: Arbitrary file deletion on host via improper cache file path validation (CVE-2026-34079)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.



Affected products

Rocky Linux 8 aarch64 Rocky Linux 8 x86_64

Fixes

2456276 2456284

CVEs

CVE-2026-34078 CVE-2026-34079

Affected packages

Rocky Linux 8 aarch64 - AppStream

flatpak-0:1.12.9-4.el8_10.aarch64.rpm flatpak-0:1.12.9-4.el8_10.src.rpm flatpak-debuginfo-0:1.12.9-4.el8_10.aarch64.rpm flatpak-debugsource-0:1.12.9-4.el8_10.aarch64.rpm flatpak-libs-0:1.12.9-4.el8_10.aarch64.rpm flatpak-libs-debuginfo-0:1.12.9-4.el8_10.aarch64.rpm flatpak-selinux-0:1.12.9-4.el8_10.noarch.rpm flatpak-session-helper-0:1.12.9-4.el8_10.aarch64.rpm flatpak-session-helper-debuginfo-0:1.12.9-4.el8_10.aarch64.rpm

Rocky Linux 8 x86_64 - PowerTools

flatpak-0:1.12.9-4.el8_10.i686.rpm flatpak-devel-0:1.12.9-4.el8_10.i686.rpm flatpak-devel-0:1.12.9-4.el8_10.x86_64.rpm flatpak-session-helper-0:1.12.9-4.el8_10.i686.rpm flatpak-session-helper-debuginfo-0:1.12.9-4.el8_10.i686.rpm

Rocky Linux 8 x86_64 - AppStream

flatpak-0:1.12.9-4.el8_10.src.rpm flatpak-0:1.12.9-4.el8_10.x86_64.rpm flatpak-debuginfo-0:1.12.9-4.el8_10.i686.rpm flatpak-debuginfo-0:1.12.9-4.el8_10.x86_64.rpm flatpak-debugsource-0:1.12.9-4.el8_10.i686.rpm flatpak-debugsource-0:1.12.9-4.el8_10.x86_64.rpm flatpak-libs-0:1.12.9-4.el8_10.i686.rpm flatpak-libs-0:1.12.9-4.el8_10.x86_64.rpm flatpak-libs-debuginfo-0:1.12.9-4.el8_10.i686.rpm flatpak-libs-debuginfo-0:1.12.9-4.el8_10.x86_64.rpm flatpak-selinux-0:1.12.9-4.el8_10.noarch.rpm flatpak-session-helper-0:1.12.9-4.el8_10.x86_64.rpm flatpak-session-helper-debuginfo-0:1.12.9-4.el8_10.x86_64.rpm

Rocky Linux 8 aarch64 - PowerTools

flatpak-devel-0:1.12.9-4.el8_10.aarch64.rpm