-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Mon, 11 Oct 2021 10:51:49 +0100 Binary: flatpak flatpak-dbgsym flatpak-tests flatpak-tests-dbgsym gir1.2-flatpak-1.0 libflatpak0 libflatpak0-dbgsym libflatpak-dev libflatpak-doc Source: flatpak Architecture: all amd64 source Version: 1.12.1-1~bpo11+1 Distribution: bullseye-backports Urgency: high Maintainer: Utopia Maintenance Team <pkg-utopia-maintainers@lists.alioth.debian.org> Changed-By: Simon McVittie <smcv@debian.org> Closes: 989934 989935 995935 Description: flatpak - Application deployment framework for desktop apps flatpak-tests - Application deployment framework for desktop apps (tests) gir1.2-flatpak-1.0 - Application deployment framework for desktop apps (introspection) libflatpak0 - Application deployment framework for desktop apps (library) libflatpak-dev - Application deployment framework for desktop apps (development) libflatpak-doc - Application deployment framework for desktop apps (documentation) Changes: flatpak (1.12.1-1~bpo11+1) bullseye-backports; urgency=medium . * Rebuild for bullseye-backports - In particular, this backport allows the Flatpak version of Steam to run Windows games using a recent official version of Proton, which was not possible in 1.10.x. * d/control: Relax libseccomp build-dependency to 2.5.0. This is not sufficient to block mount_setattr(), but it should be sufficient to block clone3(), which is believed to be enough to prevent CVE-2021-41133. * d/gbp.conf: Adjust for bullseye-backports . flatpak (1.12.1-1) unstable; urgency=medium . * New upstream stable release - Fix regressions in 1.12.0 with extra data or --allow=multiarch * Depend on libseccomp 2.5.2 so that CVE-2021-41133 is still fully prevented. Resolving this with older libseccomp versions will require further development. * Add CVE-2021-41133 reference in previous changelog entry * Standards-Version: 4.6.0 (no changes required) * Update Lintian overrides * d/p/Fix-handling-of-syscalls-only-allowed-by-devel.patch: Fix error handling for syscalls that are only allowed with --devel . flatpak (1.12.0-1) unstable; urgency=high . * New upstream stable release - Don't allow VFS manipulation which could be used to trick portals into allowing unintended access to host (Closes: #995935, CVE-2021-41133, GHSA-67h7-w3jq-vh4q) - Fix misleading progress output in `flatpak repair` - Fix parental controls check when installing system-wide as non-root - Cope with /var/tmp being a symlink - Improve handling of separate locale environment variables such as LC_COLLATE - Share host's /etc/gai.conf with apps that have Internet access - Test-suite fixes (previously applied in 1.11.3-2) * Drop both patches from 1.11.3-2, applied upstream * d/control: Add Recommends on ca-certificates. Most Flatpak users will likely want to install from https servers. . flatpak (1.11.3-2) unstable; urgency=medium . * d/p/libtest-Make-sure-ldconfig-and-capsh-are-in-the-PATH.patch: Add patch from upstream git to improve autopkgtest coverage * d/p/tests-Don-t-reset-XDG_RUNTIME_DIR-locally.patch: Add patch from upstream git to prevent an autopkgtest failure under qemu * d/rules: Remove all .la files, not just the one for libflatpak * Generalize Lintian overrides to be independent of systemd unit location . flatpak (1.11.3-1) unstable; urgency=medium . * New upstream development release * Move to debhelper compat level 13 - Drop dh_missing override, --fail-missing is now the default * d/rules: Normalize permissions of installed-tests * Release to unstable to get wider testing. We're early in the Debian release cycle, and this release is basically a release-candidate for a new 1.12.x stable branch. . flatpak (1.11.2-1) experimental; urgency=medium . * New upstream development release - Don't leak a file descriptor each time flatpak-spawn --env=... is used (Closes: #989934) - When an app uses flatpak-spawn --env=... --forward-fd=..., ensure that the file descriptors do not collide, which could result in the subsandbox failing to launch or being launched with wrong environment variables. (Closes: #989935) - Various other bug fixes . flatpak (1.11.1-1) experimental; urgency=medium . * New upstream development release . flatpak (1.11~git20210416.1-1) experimental; urgency=medium . * New upstream snapshot . flatpak (1.11~git20210413-1) experimental; urgency=medium . * New upstream snapshot - Drop remaining patch, applied upstream - Update symbols file Checksums-Sha1: f603cad08384473af720ef5a4abf898485779c0c 3666 flatpak_1.12.1-1~bpo11+1.dsc 8c35b9d787dfb5fbbe365f36bd5a21649df09658 32628 flatpak_1.12.1-1~bpo11+1.debian.tar.xz 1676283d374911bdae4d21fcc07fcc81b99b6e8c 11684 flatpak_1.12.1-1~bpo11+1_source.buildinfo 7c4cc290d44b7c1e3eaaf27b73ec98775b8a745d 6197148 flatpak-dbgsym_1.12.1-1~bpo11+1_amd64.deb 7cff7a182dfbd3370c15b6e87fb158e2a2c2746a 9603392 flatpak-tests-dbgsym_1.12.1-1~bpo11+1_amd64.deb 1a6d649d9cf2fc227dd4e6dd89ae45ad514f0d38 1147364 flatpak-tests_1.12.1-1~bpo11+1_amd64.deb 56428c7e7cb53696affa17621813418ab9e9044a 13017 flatpak_1.12.1-1~bpo11+1_amd64.buildinfo 2e811c22e47a3a6707cd61da7d706163b0dadf98 1306000 flatpak_1.12.1-1~bpo11+1_amd64.deb 888e26c2978fa0f551dbc7430d42d2ca4a0dac61 37228 gir1.2-flatpak-1.0_1.12.1-1~bpo11+1_amd64.deb 35adfa47a5e819d4bea808022ea435ac76679248 79720 libflatpak-dev_1.12.1-1~bpo11+1_amd64.deb eaf7831493545a5b926b7e37ba236dd3e5f64084 1487240 libflatpak0-dbgsym_1.12.1-1~bpo11+1_amd64.deb eeb06864e86488d8942482ad3906cc6d3119cb17 360000 libflatpak0_1.12.1-1~bpo11+1_amd64.deb 89362dc11d1aa0ab891c27d67b33bd2cfd44bf50 10919 flatpak_1.12.1-1~bpo11+1_all.buildinfo e32c2b0984fe9a00facf965813ba90c03db5c309 137488 libflatpak-doc_1.12.1-1~bpo11+1_all.deb Checksums-Sha256: 89291d144e7ce94e5030f39b86ce9329b106474d695fdbef87548cd79cf26afc 3666 flatpak_1.12.1-1~bpo11+1.dsc c7d65d6103e56d0fa28ba1456007ff49e20b8cbcac1795bfd47e19cb5318a76a 32628 flatpak_1.12.1-1~bpo11+1.debian.tar.xz 396b27561eb0885d588f1b2b80729ce214dd2cb491825c538562f31781519ab1 11684 flatpak_1.12.1-1~bpo11+1_source.buildinfo 357fa6235473d6b9b560bce853a2bfe756df04cc34ca5e338736b1639e253fda 6197148 flatpak-dbgsym_1.12.1-1~bpo11+1_amd64.deb 6822d572d88564c9a71a1af21eaf5a79fbfb4727a40cfc3459c2ef945e5e0758 9603392 flatpak-tests-dbgsym_1.12.1-1~bpo11+1_amd64.deb 8efef94e955f4946fa3a9fd1356972140dc55481eab287f5470626efc1f32955 1147364 flatpak-tests_1.12.1-1~bpo11+1_amd64.deb f369e7134f1ad84462dfee6032f0e298739f989f30048f3723a96148aca4e113 13017 flatpak_1.12.1-1~bpo11+1_amd64.buildinfo cdf2585d3b905057d3f2d6fee18dba262eb303d1189b77ba746cd1df4614cde9 1306000 flatpak_1.12.1-1~bpo11+1_amd64.deb 4da3e0a95916f22916be7118a9c7429856d8b2b90a946c798c70216d5e6986ea 37228 gir1.2-flatpak-1.0_1.12.1-1~bpo11+1_amd64.deb 2d75fdc4d62ce5fd7b8dffc7c440e604a9459b66a37f034f3bd960bd136268ef 79720 libflatpak-dev_1.12.1-1~bpo11+1_amd64.deb 41487983fdf6408790cc2d320f8bccc012ddf8b77d7876e2f8c740164ad22e95 1487240 libflatpak0-dbgsym_1.12.1-1~bpo11+1_amd64.deb 3ac6f31fedbb7032ccf98f408e2a92c02471ded95dec0de2948242f2ea1893bb 360000 libflatpak0_1.12.1-1~bpo11+1_amd64.deb 2865212eace9bc12c62b74d1d4762cb63c383b3112c890e9ab6a064170fda521 10919 flatpak_1.12.1-1~bpo11+1_all.buildinfo eed5c3a85adf1eec8ebd2c0c2b8e02ec02c59d8930041a7f129ec0bf042bc06f 137488 libflatpak-doc_1.12.1-1~bpo11+1_all.deb Files: 75acfa7f8f901d65d1a32b535dfe27d8 3666 admin optional flatpak_1.12.1-1~bpo11+1.dsc a22c870996a70af567b07c8007f65648 32628 admin optional flatpak_1.12.1-1~bpo11+1.debian.tar.xz 203e5806cefe3070315099654ffe04db 11684 admin optional flatpak_1.12.1-1~bpo11+1_source.buildinfo 15c9864ecc9098a8e673a9e57262cdeb 6197148 debug optional flatpak-dbgsym_1.12.1-1~bpo11+1_amd64.deb 996a682b205508c68045ad79628fd19d 9603392 debug optional flatpak-tests-dbgsym_1.12.1-1~bpo11+1_amd64.deb fe8b33e174419235e7d99aeb1483fd56 1147364 misc optional flatpak-tests_1.12.1-1~bpo11+1_amd64.deb 8fda7ef8400cd39541d7b6bce3844cb1 13017 admin optional flatpak_1.12.1-1~bpo11+1_amd64.buildinfo b69c8ef35a017733f331638bf410a147 1306000 admin optional flatpak_1.12.1-1~bpo11+1_amd64.deb d7509cef4f29291ea20860d02dc66142 37228 introspection optional gir1.2-flatpak-1.0_1.12.1-1~bpo11+1_amd64.deb 0e274758362b8986ee855d75a6782c45 79720 libdevel optional libflatpak-dev_1.12.1-1~bpo11+1_amd64.deb 0c320c63c7a8ea4ef1416315827f9eb0 1487240 debug optional libflatpak0-dbgsym_1.12.1-1~bpo11+1_amd64.deb f59f9ba28cfbb4d4634016b117fc90d3 360000 libs optional libflatpak0_1.12.1-1~bpo11+1_amd64.deb 4834300cd4ebc58ad2a41203de9d4459 10919 admin optional flatpak_1.12.1-1~bpo11+1_all.buildinfo 8251926d564b5235ef4a76a9d0b7da75 137488 doc optional libflatpak-doc_1.12.1-1~bpo11+1_all.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEENuxaZEik9e95vv6Y4FrhR4+BTE8FAmFkhvQACgkQ4FrhR4+B TE/Zlw/7BSYo0njN20rhQFxCiS2xFtZq5htWpVe/dbBFQZZpUorxKhMkT8gYhQjI lFheFQyzGEbHVFBsOBrfLDWnVvycEdjGIPjQ7XkTUWdydrKczX8NQekj8CXFOcTj KTPwHOuD/tTFF1k5vVGPXpjjYDQVjaJbQ4pn/IXT3juY4b8jvIwuBUhK+fz28wsP Q+mKIyNi8o2EV/py5xtiMOY1dgH25fYKpBgUKBR8XaEBBiK/geysVjcD/i706AzV sqPqiQI0RKRgUO6ibUf+R9y3Ecev5F9YMjr3Q46OB6rQ5NnDUnrB+3MEStIku07q FvtbEeRF0+3JzpEofv3dMQFB1wvpkihms9UNhN4F6gfwaSB8X0Vsp2IVLE0lWE/B 93uYkhvLDgTC2i+7B5Va/fCMU9L9xR3Y/71CbLwtPrv/MnZMjYUiHodtv4EKJNrg mTcqYBYYpQWenGLaPD+tQsBlr/sUQgkxFmkTxT2GHx7Gy6mr+gpEbKTYRhuU3P6l Aqj9UjQ91xbkalMpML3ByhRpqruuog4NrEpPCzuhfj0kzmLUkGSMilACm/+MXjic 86y+XitHi8Fjky4wdJ0duvu1VN9amKEIHZ7m1OLhBlDDgInKZ61POXYNc/FqrILM O69sndfNCW77FpGl5XaM6GhI1M4zjleiHs6w5Ddv19WjEfbMHbk= =Grqg -----END PGP SIGNATURE-----
