Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Security Measurement
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Insights
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2024:3969 - Security Advisory
Issued:
2024-06-18
Updated:
2024-06-18

RHSA-2024:3969 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: flatpak security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for flatpak is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux.

Security Fix(es):

  • flatpak: sandbox escape via RequestBackground portal (CVE-2024-32462)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.6 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.6 x86_64
  • Red Hat Enterprise Linux Server - TUS 8.6 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6 x86_64

Fixes

  • BZ - 2275981 - CVE-2024-32462 flatpak: sandbox escape via RequestBackground portal

CVEs

  • CVE-2024-32462

References

  • https://access.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.6

SRPM
flatpak-1.8.7-2.el8_6.src.rpm SHA-256: 7f023d0506bfd81a849fc074f63702c502905290c21e90ce0d513e203e70d08f
x86_64
flatpak-1.8.7-2.el8_6.x86_64.rpm SHA-256: 9de445fcef9864242d6c7364a4239407ecd235f21e721af85f53a82f46d74b3a
flatpak-debuginfo-1.8.7-2.el8_6.i686.rpm SHA-256: d5c5f36c38c1ae47344f734a1ddd45f9ba1426e5d2b5065a335de6d22bf9760d
flatpak-debuginfo-1.8.7-2.el8_6.x86_64.rpm SHA-256: 554a703567a65e9feefbd7b5d78f16df13875c25555d86935a9931e68d3b1b0e
flatpak-debugsource-1.8.7-2.el8_6.i686.rpm SHA-256: d5c67d0e98e6a8b16fe76ba9368a148ec0820ebed08861302a18dcee9925f3c1
flatpak-debugsource-1.8.7-2.el8_6.x86_64.rpm SHA-256: be3d5f4a3ebda7712de0a860c38bde5de61701aa4207f2ef35476a5c899331c8
flatpak-libs-1.8.7-2.el8_6.i686.rpm SHA-256: 78f1eef92487d77e1d33b2a778b75ed9c6f2e13da98848640d4a9aa3358e6c6c
flatpak-libs-1.8.7-2.el8_6.x86_64.rpm SHA-256: 4c98b3d593a274e6e72be638944e81cc280b04b436ffadf7ccb4dcb69c63214d
flatpak-libs-debuginfo-1.8.7-2.el8_6.i686.rpm SHA-256: 43b004a1c27e16ea1117d6c752b4fe9bf3891f7f0ff2d0f312e7cc1319a6b228
flatpak-libs-debuginfo-1.8.7-2.el8_6.x86_64.rpm SHA-256: 83d104c786a1c50429a34ea444e22726d28b02fd6b076b473470733bc2f26d41
flatpak-selinux-1.8.7-2.el8_6.noarch.rpm SHA-256: 3d545c8872b2e256ee8169150332fb3b6e7569b1a0dcdb972ba92e36d8c3a750
flatpak-session-helper-1.8.7-2.el8_6.x86_64.rpm SHA-256: 6a7aa5cf47490dc91399bdf00cd395edc5a6450794a81adf01cb33cdd3f3583a
flatpak-session-helper-debuginfo-1.8.7-2.el8_6.i686.rpm SHA-256: b78a39b90cf27da1782fe1f72ae4089e8be98c08bf1bf47a673f465995a154ea
flatpak-session-helper-debuginfo-1.8.7-2.el8_6.x86_64.rpm SHA-256: 0345fe6b1f5261f8277afdfd6b48bd9cc845b0eba33b4d44adf13ab3e5749652
flatpak-tests-debuginfo-1.8.7-2.el8_6.i686.rpm SHA-256: ab8e6061dc3ab042818970b360fa3a8e0c64860090eb084316e6f142cae20817
flatpak-tests-debuginfo-1.8.7-2.el8_6.x86_64.rpm SHA-256: bd78ae62690a3e14d613106fb04485685a6400af05ed86a30b47d1a44a10e687

Red Hat Enterprise Linux Server - AUS 8.6

SRPM
flatpak-1.8.7-2.el8_6.src.rpm SHA-256: 7f023d0506bfd81a849fc074f63702c502905290c21e90ce0d513e203e70d08f
x86_64
flatpak-1.8.7-2.el8_6.x86_64.rpm SHA-256: 9de445fcef9864242d6c7364a4239407ecd235f21e721af85f53a82f46d74b3a
flatpak-debuginfo-1.8.7-2.el8_6.i686.rpm SHA-256: d5c5f36c38c1ae47344f734a1ddd45f9ba1426e5d2b5065a335de6d22bf9760d
flatpak-debuginfo-1.8.7-2.el8_6.x86_64.rpm SHA-256: 554a703567a65e9feefbd7b5d78f16df13875c25555d86935a9931e68d3b1b0e
flatpak-debugsource-1.8.7-2.el8_6.i686.rpm SHA-256: d5c67d0e98e6a8b16fe76ba9368a148ec0820ebed08861302a18dcee9925f3c1
flatpak-debugsource-1.8.7-2.el8_6.x86_64.rpm SHA-256: be3d5f4a3ebda7712de0a860c38bde5de61701aa4207f2ef35476a5c899331c8
flatpak-libs-1.8.7-2.el8_6.i686.rpm SHA-256: 78f1eef92487d77e1d33b2a778b75ed9c6f2e13da98848640d4a9aa3358e6c6c
flatpak-libs-1.8.7-2.el8_6.x86_64.rpm SHA-256: 4c98b3d593a274e6e72be638944e81cc280b04b436ffadf7ccb4dcb69c63214d
flatpak-libs-debuginfo-1.8.7-2.el8_6.i686.rpm SHA-256: 43b004a1c27e16ea1117d6c752b4fe9bf3891f7f0ff2d0f312e7cc1319a6b228
flatpak-libs-debuginfo-1.8.7-2.el8_6.x86_64.rpm SHA-256: 83d104c786a1c50429a34ea444e22726d28b02fd6b076b473470733bc2f26d41
flatpak-selinux-1.8.7-2.el8_6.noarch.rpm SHA-256: 3d545c8872b2e256ee8169150332fb3b6e7569b1a0dcdb972ba92e36d8c3a750
flatpak-session-helper-1.8.7-2.el8_6.x86_64.rpm SHA-256: 6a7aa5cf47490dc91399bdf00cd395edc5a6450794a81adf01cb33cdd3f3583a
flatpak-session-helper-debuginfo-1.8.7-2.el8_6.i686.rpm SHA-256: b78a39b90cf27da1782fe1f72ae4089e8be98c08bf1bf47a673f465995a154ea
flatpak-session-helper-debuginfo-1.8.7-2.el8_6.x86_64.rpm SHA-256: 0345fe6b1f5261f8277afdfd6b48bd9cc845b0eba33b4d44adf13ab3e5749652
flatpak-tests-debuginfo-1.8.7-2.el8_6.i686.rpm SHA-256: ab8e6061dc3ab042818970b360fa3a8e0c64860090eb084316e6f142cae20817
flatpak-tests-debuginfo-1.8.7-2.el8_6.x86_64.rpm SHA-256: bd78ae62690a3e14d613106fb04485685a6400af05ed86a30b47d1a44a10e687

Red Hat Enterprise Linux Server - TUS 8.6

SRPM
flatpak-1.8.7-2.el8_6.src.rpm SHA-256: 7f023d0506bfd81a849fc074f63702c502905290c21e90ce0d513e203e70d08f
x86_64
flatpak-1.8.7-2.el8_6.x86_64.rpm SHA-256: 9de445fcef9864242d6c7364a4239407ecd235f21e721af85f53a82f46d74b3a
flatpak-debuginfo-1.8.7-2.el8_6.i686.rpm SHA-256: d5c5f36c38c1ae47344f734a1ddd45f9ba1426e5d2b5065a335de6d22bf9760d
flatpak-debuginfo-1.8.7-2.el8_6.x86_64.rpm SHA-256: 554a703567a65e9feefbd7b5d78f16df13875c25555d86935a9931e68d3b1b0e
flatpak-debugsource-1.8.7-2.el8_6.i686.rpm SHA-256: d5c67d0e98e6a8b16fe76ba9368a148ec0820ebed08861302a18dcee9925f3c1
flatpak-debugsource-1.8.7-2.el8_6.x86_64.rpm SHA-256: be3d5f4a3ebda7712de0a860c38bde5de61701aa4207f2ef35476a5c899331c8
flatpak-libs-1.8.7-2.el8_6.i686.rpm SHA-256: 78f1eef92487d77e1d33b2a778b75ed9c6f2e13da98848640d4a9aa3358e6c6c
flatpak-libs-1.8.7-2.el8_6.x86_64.rpm SHA-256: 4c98b3d593a274e6e72be638944e81cc280b04b436ffadf7ccb4dcb69c63214d
flatpak-libs-debuginfo-1.8.7-2.el8_6.i686.rpm SHA-256: 43b004a1c27e16ea1117d6c752b4fe9bf3891f7f0ff2d0f312e7cc1319a6b228
flatpak-libs-debuginfo-1.8.7-2.el8_6.x86_64.rpm SHA-256: 83d104c786a1c50429a34ea444e22726d28b02fd6b076b473470733bc2f26d41
flatpak-selinux-1.8.7-2.el8_6.noarch.rpm SHA-256: 3d545c8872b2e256ee8169150332fb3b6e7569b1a0dcdb972ba92e36d8c3a750
flatpak-session-helper-1.8.7-2.el8_6.x86_64.rpm SHA-256: 6a7aa5cf47490dc91399bdf00cd395edc5a6450794a81adf01cb33cdd3f3583a
flatpak-session-helper-debuginfo-1.8.7-2.el8_6.i686.rpm SHA-256: b78a39b90cf27da1782fe1f72ae4089e8be98c08bf1bf47a673f465995a154ea
flatpak-session-helper-debuginfo-1.8.7-2.el8_6.x86_64.rpm SHA-256: 0345fe6b1f5261f8277afdfd6b48bd9cc845b0eba33b4d44adf13ab3e5749652
flatpak-tests-debuginfo-1.8.7-2.el8_6.i686.rpm SHA-256: ab8e6061dc3ab042818970b360fa3a8e0c64860090eb084316e6f142cae20817
flatpak-tests-debuginfo-1.8.7-2.el8_6.x86_64.rpm SHA-256: bd78ae62690a3e14d613106fb04485685a6400af05ed86a30b47d1a44a10e687

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6

SRPM
flatpak-1.8.7-2.el8_6.src.rpm SHA-256: 7f023d0506bfd81a849fc074f63702c502905290c21e90ce0d513e203e70d08f
ppc64le
flatpak-1.8.7-2.el8_6.ppc64le.rpm SHA-256: ab9ade998d0db05e02ae7d767f5638c5fd53959fe2083fc55910b3733afe8284
flatpak-debuginfo-1.8.7-2.el8_6.ppc64le.rpm SHA-256: 7d0db1f6321d99b224e99965eb4bb78186e74e4f1e6b46cc5212def027d59ab8
flatpak-debugsource-1.8.7-2.el8_6.ppc64le.rpm SHA-256: 0ea8b54022af802c9b1aed3c74cfcca411c3738c94d7b88d6d50765a84dcde25
flatpak-libs-1.8.7-2.el8_6.ppc64le.rpm SHA-256: c75afccbe979dd6059118e852087a72b924f707b1100e09c13b24e91185a6ace
flatpak-libs-debuginfo-1.8.7-2.el8_6.ppc64le.rpm SHA-256: bb608deefcfa19e28a0a278ab8c325f1cc0245f5ab59edc5168e7c4c2a8bce87
flatpak-selinux-1.8.7-2.el8_6.noarch.rpm SHA-256: 3d545c8872b2e256ee8169150332fb3b6e7569b1a0dcdb972ba92e36d8c3a750
flatpak-session-helper-1.8.7-2.el8_6.ppc64le.rpm SHA-256: 944087d2239fac73766c42d9e034e1124b36bbfc37da66322e9a52568ea5e45c
flatpak-session-helper-debuginfo-1.8.7-2.el8_6.ppc64le.rpm SHA-256: 3cb0d24cc1790f82d6786ca75b9af1dc629c586f0cce0c9bdcbebd97ff4ef408
flatpak-tests-debuginfo-1.8.7-2.el8_6.ppc64le.rpm SHA-256: 473bc6ddd2d75d47a448dd0964954d53da8a5168a7927b4c976d8bd7fe7226ee

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6

SRPM
flatpak-1.8.7-2.el8_6.src.rpm SHA-256: 7f023d0506bfd81a849fc074f63702c502905290c21e90ce0d513e203e70d08f
x86_64
flatpak-1.8.7-2.el8_6.x86_64.rpm SHA-256: 9de445fcef9864242d6c7364a4239407ecd235f21e721af85f53a82f46d74b3a
flatpak-debuginfo-1.8.7-2.el8_6.i686.rpm SHA-256: d5c5f36c38c1ae47344f734a1ddd45f9ba1426e5d2b5065a335de6d22bf9760d
flatpak-debuginfo-1.8.7-2.el8_6.x86_64.rpm SHA-256: 554a703567a65e9feefbd7b5d78f16df13875c25555d86935a9931e68d3b1b0e
flatpak-debugsource-1.8.7-2.el8_6.i686.rpm SHA-256: d5c67d0e98e6a8b16fe76ba9368a148ec0820ebed08861302a18dcee9925f3c1
flatpak-debugsource-1.8.7-2.el8_6.x86_64.rpm SHA-256: be3d5f4a3ebda7712de0a860c38bde5de61701aa4207f2ef35476a5c899331c8
flatpak-libs-1.8.7-2.el8_6.i686.rpm SHA-256: 78f1eef92487d77e1d33b2a778b75ed9c6f2e13da98848640d4a9aa3358e6c6c
flatpak-libs-1.8.7-2.el8_6.x86_64.rpm SHA-256: 4c98b3d593a274e6e72be638944e81cc280b04b436ffadf7ccb4dcb69c63214d
flatpak-libs-debuginfo-1.8.7-2.el8_6.i686.rpm SHA-256: 43b004a1c27e16ea1117d6c752b4fe9bf3891f7f0ff2d0f312e7cc1319a6b228
flatpak-libs-debuginfo-1.8.7-2.el8_6.x86_64.rpm SHA-256: 83d104c786a1c50429a34ea444e22726d28b02fd6b076b473470733bc2f26d41
flatpak-selinux-1.8.7-2.el8_6.noarch.rpm SHA-256: 3d545c8872b2e256ee8169150332fb3b6e7569b1a0dcdb972ba92e36d8c3a750
flatpak-session-helper-1.8.7-2.el8_6.x86_64.rpm SHA-256: 6a7aa5cf47490dc91399bdf00cd395edc5a6450794a81adf01cb33cdd3f3583a
flatpak-session-helper-debuginfo-1.8.7-2.el8_6.i686.rpm SHA-256: b78a39b90cf27da1782fe1f72ae4089e8be98c08bf1bf47a673f465995a154ea
flatpak-session-helper-debuginfo-1.8.7-2.el8_6.x86_64.rpm SHA-256: 0345fe6b1f5261f8277afdfd6b48bd9cc845b0eba33b4d44adf13ab3e5749652
flatpak-tests-debuginfo-1.8.7-2.el8_6.i686.rpm SHA-256: ab8e6061dc3ab042818970b360fa3a8e0c64860090eb084316e6f142cae20817
flatpak-tests-debuginfo-1.8.7-2.el8_6.x86_64.rpm SHA-256: bd78ae62690a3e14d613106fb04485685a6400af05ed86a30b47d1a44a10e687

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2025 Red Hat

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility