Comment 11 for bug 1815528

This bug was fixed in the package flatpak - 1.0.7-0ubuntu0.18.10.1

---------------
flatpak (1.0.7-0ubuntu0.18.10.1) cosmic-security; urgency=medium

  * Update to 1.0.7 (LP: #1815528)
  * New upstream release
    - SECURITY UPDATE: do not let the apply_extra script for a system
      installation modify the host-side executable via /proc/self/exe,
      similar to CVE-2019-5736 in runc
    - CVE-2019-8308

 -- Andrew Hayzen <email address hidden> Wed, 13 Feb 2019 21:31:52 +0000