Flatpak, a Linux application sandboxing and distribution framework, released version 1.16.4, patching four security vulnerabilities. The most severe fix addresses a complete sandbox escape that leads to host file access and code execution in the host context, tracked as CVE-2026-34078. File system exposure Two additional fixes address file system exposure on the host. CVE-2026-34079 prevents arbitrary file deletion on the host filesystem. GHSA-2fxp-43j9-pwvc prevents arbitrary read-access to files in the system-helper context. The fourth fix, … More →
The post Flatpak 1.16.4 fixes sandbox escape and three other security flaws appeared first on Help Net Security.
http://news.poseidon-us.com/TRwpMm
