A security issue fixed upstream in firejail has been announced today (June 8): https://www.openwall.com/lists/oss-security/2022/06/08/10 The upstream commit that fixed the issue is linked from the message above. Mageia 8 is also affected.
Status comment: (none) => Patch available from upstreamWhiteboard: (none) => MGA8TOO
Note the subsequent fix commits too: https://www.openwall.com/lists/oss-security/2022/06/09/2
Status comment: Patch available from upstream => Patches available from upstream
Now fixed upstream in 0.9.70: https://firejail.wordpress.com/download-2/release-notes/ https://github.com/netblue30/firejail/releases/tag/0.9.70
openSUSE has issued an advisory for this today (June 20): https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/BANQSQMV546D7IN75266REGOZOIGQEUH/
Debian has issued an advisory for this on June 22: https://www.debian.org/security/2022/dsa-5167
Fedora has issued an advisory for this today (September 14): https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/SIBEBE3KFINMGJATBQQS7D2VQQ62ZVMF/
Severity: normal => critical
mga8-64, updated from 0.9.64 to 0.9.70 in testing. I never learned to use this tool adequately. But I note that it works like before in simple tests. Someone more used to it should test before OKing. Related: Bug 30858 - firetools update, have a couple wrinkles
CC: (none) => fri
Fixed in cauldron with firejail-0.9.70-1.mag9.
Whiteboard: MGA8TOO => (none)Version: Cauldron => 8
Because of bug 30858 comment 2 I had to push a new release to mga8 core/updates_testing. Please test firejail-0.9.70-1.1.mga8. SRPM/RPMS: firejail-0.9.70-1.1.mga8
Assignee: jani.valimaa => qa-bugs
Status comment: Patches available from upstream => (none)
CC: (none) => jani.valimaa
MGA8-64 Plasma on Acer Aspire 5253 No installation issues $ firejail thunderbird I could send a mail from it to read on my desktop PC, that works OK In a second tab on Konsole: $ firejail --list Warning: cannot read UID_MIN and/or GID_MIN from /etc/login.defs, using 1000 by default 9331:tester8::firejail thunderbird Seems OK.
Whiteboard: (none) => MGA8-64-OKCC: (none) => herman.viaene
Validating.
Keywords: (none) => validated_updateCC: (none) => andrewsfarm, sysadmin-bugs
CC: (none) => davidwhodginsKeywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2022-0348.html
Status: NEW => RESOLVEDResolution: (none) => FIXED