-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Fri, 08 Jan 2021 09:24:01 +0000
Source: bubblewrap
Architecture: source
Version: 0.4.1-3~bpo10+1
Distribution: buster-backports
Urgency: medium
Maintainer: Utopia Maintenance Team <pkg-utopia-maintainers@lists.alioth.debian.org>
Changed-By: Simon McVittie <smcv@debian.org>
Changes:
bubblewrap (0.4.1-3~bpo10+1) buster-backports; urgency=medium
.
* Rebuild for buster-backports.
- Return to a setuid root /usr/bin/bwrap, the same as before 0.4.1-3,
for compatibility with the default kernels in Debian 10 'buster'.
(Reopens: #977841, #977758)
- Adjust README.Debian to mention that bwrap is not setuid in
buster-backports
.
bubblewrap (0.4.1-3) unstable; urgency=medium
.
* Stop making /usr/bin/bwrap setuid root.
With Debian kernels >= 5.10, this is no longer necessary: unprivileged
users can now create user namespaces, the same as in upstream kernels
and Ubuntu.
For smooth upgrades, install a sysctl configuration fragment that will
configure older kernels to behave similarly if the recommended procps
package is installed, or if booting with systemd. (#977841)
- This change also makes more Flatpak features available; in
particular, it is necessary for the Chromium browser.
(#977758)
* Include setuid status, etc. in bug reports
.
bubblewrap (0.4.1-2) unstable; urgency=medium
.
* d/gbp.conf: Rename development branch to debian/latest
* Standards-Version: 4.5.1 (no changes required)
* Reference CVE-2020-5291 in previous changelog entry
* Add some bugfix patches from upstream
- Correct the name of PR_SET_NO_NEW_PRIVS in an error message
- Silence warnings from the kernel when a non-Y2038-compliant
filesystem such as xfs is remounted into the sandbox
- Don't fail if /proc is read-only, as it can be inside Docker
* Forward python3 patch upstream
* d/control: Canonicalize case of Multi-Arch
* Add a patch to fix typos in the man page
* Add a README.Debian describing ways in which bubblewrap can be used
* Add patch to include Debian-specific links in EPERM error message
Checksums-Sha1:
bcfc15dbb1ca380a8bbb2d156e1d45fcba1cd04f 2345 bubblewrap_0.4.1-3~bpo10+1.dsc
05cd8bcf662a0c984d153e1c01e3d1046b659752 13980 bubblewrap_0.4.1-3~bpo10+1.debian.tar.xz
be344508671ffe9ac7543c70307fff7dfb5371bf 6125 bubblewrap_0.4.1-3~bpo10+1_source.buildinfo
Checksums-Sha256:
c8c22e9c7fad077365577a2504b919af895bc54ac76d96c17dbb7b2125ef02bc 2345 bubblewrap_0.4.1-3~bpo10+1.dsc
ef88e4c54bed18bdf791a7a540d2ef8c622426ca9312be7a61d8e08ba1284cd6 13980 bubblewrap_0.4.1-3~bpo10+1.debian.tar.xz
c7a5c6cf6a3de8f7ae1eb4be8b1c58035e170ac2982d1cfc4ec6a7b332ae836c 6125 bubblewrap_0.4.1-3~bpo10+1_source.buildinfo
Files:
7eaee5c87157c40f04c9bc7533ec3b79 2345 admin optional bubblewrap_0.4.1-3~bpo10+1.dsc
e33b0438aac138dbfde49cf56fb14a28 13980 admin optional bubblewrap_0.4.1-3~bpo10+1.debian.tar.xz
e22edde809989b2499269fa4c3a23faf 6125 admin optional bubblewrap_0.4.1-3~bpo10+1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEENuxaZEik9e95vv6Y4FrhR4+BTE8FAl/5l3AACgkQ4FrhR4+B
TE83sA//SiCwMFDaVV4OLN01I6vDt/DtZaVH3A+Mno/LYFWhc4plHJem4eId9GFN
NovjsV8ckqVy3sRpE2FmHauu7mVTwpjeXFkth6rWMSktZq1ob53ioaSbi9cruiL2
ExB5DA/y54LzgPGH0K3jWgdkptLKoo7wYg8PqFNQpEDjnkFgrVfH5W74ZuotFxov
U2rC25j/fRdk8NqugSUE1G8Cp4mTniG/X/2+7WJyIr2eAy7EZF/K0qnuMcnQz7xB
kGzqzAAj49t8XXMFvn77l5vqFiGUG64qkYGbDWQFMLrWXsoNDQcJJqcr5Yihh0xt
9DDetDwKhahoUZE/T/6+6+81InRFRIBKRN++1fDj5/HKBN3cRXXlJZDK94veAjOQ
WZk3VNGAUnWw0eodBdO7pcJX5cuev3eXtqO3+99z63uO/1NbNmQxK9D5hoDrOXQZ
od6Xh7HJPdss2nYUl5XkdI8HvrwUDh51p+f0IDuxqd2vO2jURu+n4ZcG0CFYdQ9t
N1IuBzhZonNpqFu7R72r1jwBvc6tIobF8ZPqovcz82j0DG5RHeaxrAa86qYvyNmu
wxie/J6q2h49X9d8UtOxSoDI2+zJ5jC2bEizVKg/uIPKAu7Meah9rdI2mGmq7cS4
MmkX+chu6w6JWOGLqXSCxpfJYaSqkiwUjFlR78BOFEz+hW9+gEI=
=nmOE
-----END PGP SIGNATURE-----
