Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted flatpak 1.10.8-0+deb11u1 (source) into proposed-updates
Date: Fri, 07 Apr 2023 10:02:09 +0000
Signed by: Simon McVittie <smcv@debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sat, 18 Mar 2023 15:29:44 +0000
Source: flatpak
Architecture: source
Version: 1.10.8-0+deb11u1
Distribution: bullseye
Urgency: high
Maintainer: Utopia Maintenance Team <pkg-utopia-maintainers@lists.alioth.debian.org>
Changed-By: Simon McVittie <smcv@debian.org>
Closes: 1033098 1033099
Changes:
 flatpak (1.10.8-0+deb11u1) bullseye; urgency=high
 .
   * New upstream stable release
   * Security fixes:
     - Escape special characters when displaying permissions and metadata,
       preventing malicious apps from manipulating the appearance of the
       permissions list using crafted metadata
       (Closes: #1033098; CVE-2023-28101)
     - If a Flatpak app is run on a Linux virtual console (tty1, etc.),
       don't allow copy/paste via the TIOCLINUX ioctl
       (Closes: #1033099; CVE-2023-28100).
       Note that this is specific to virtual consoles: Flatpak is not
       vulnerable to this if run from a graphical terminal emulator such
       as xterm, gnome-terminal or Konsole.
   * Other bug fixes:
     - If an app update is blocked by parental controls policies, clean up
       the temporary deploy directory
     - Fix Autotools build with newer versions of gpgme
     - Fix various regressions in `flatpak history` since 1.9.1
     - Fix a typo in an error message
     - Translation update: pl
     - Add test coverage for seccomp filters
   * d/copyright: Update
Checksums-Sha1:
 9415f9e79461097b0f0a7f5069e739c5941bab56 3685 flatpak_1.10.8-0+deb11u1.dsc
 89420d434afa1d3bb9c43450935fd13e37ddc439 1531752 flatpak_1.10.8.orig.tar.xz
 941dcd733014f921b24cd4453c358087baf78d24 32388 flatpak_1.10.8-0+deb11u1.debian.tar.xz
 f7960493595482927849f0fb48d814f07e9912a0 12349 flatpak_1.10.8-0+deb11u1_source.buildinfo
Checksums-Sha256:
 da0ec9346527f6d42a8d953c37ee4f9f62274fc1a30a38cda57b37fb71d18551 3685 flatpak_1.10.8-0+deb11u1.dsc
 65569dbf31344581a1e7782d09e702bb41e7011ae21cd021c414a2925f84b82c 1531752 flatpak_1.10.8.orig.tar.xz
 2e265d335b5dccb841c2a93800a9384d4743311d6eb1ca721a9bde76b55989f7 32388 flatpak_1.10.8-0+deb11u1.debian.tar.xz
 9f9ca709c2102a1c8d0c092a38abfe784cfd850976a9730ca88d0238963499f8 12349 flatpak_1.10.8-0+deb11u1_source.buildinfo
Files:
 c5636ce868eaa34e0a0a4526e266c8e4 3685 admin optional flatpak_1.10.8-0+deb11u1.dsc
 25ee921580f591e87b1a8a476026e67f 1531752 admin optional flatpak_1.10.8.orig.tar.xz
 9b62911a16decfa8f2ea6491def625ae 32388 admin optional flatpak_1.10.8-0+deb11u1.debian.tar.xz
 2588f3854d83543ab1b11839521df963 12349 admin optional flatpak_1.10.8-0+deb11u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEENuxaZEik9e95vv6Y4FrhR4+BTE8FAmQpdLQACgkQ4FrhR4+B
TE+LJA//SI/+evjWEtFXkmjbfH1/TWE8Kx6YzGH81e5TV6b8pRKwLXNiZLgqvljJ
Hw92uPG8xdsaGl6Xw9L+BYwGsB64IGk3ZWnSSYjulKYfl8SHp3JD+64yB5h9tsb7
kqLuPWG2xSdebU9t+3mWxAWh4Yjf9SSDtH3acTmD71ybDbWNDO0PVPZcCwyGIYFW
B/oPU4Wh2pMfNK8Lf2F18vhSiilAkAaMbJPPP9chmSw/b/2LOGwcgcxrWTe89wFi
5tzuHLrZ3zyCwsv7BaiHW5Si7NksVGJGOIg0lqWNsN1Zkd08or4uIxUvw/QH9Sfe
mNIw0Q8Cn33IGJVWkAlnGrQ/79Km9cumNE4vjqq5Mawm86VWu3I05FzYVHIQZxp/
qrytuUmcwLuR++2s+2Zna3QG3kTPcf9QJrGoTYpBCYzKn93QbglYWE1qGIgzCJlg
2ewzL572EGx3BRtaQaRTPbbCR8vgkwljsQ4rNQ3zsvBRpybmfZeEpcP62SLIQo5y
RpDEIaYkU02jz/DTAMs0cDcWhD5VDO9kylp/BsvQIfnnGH2FXE80JzoTX8nYpOpa
W2mIAhGstz/1z/Yo1kRKN82fqmkj0n/tJ0J34uTrRTGOWzk6u42ZYIOkH5q+Cqpa
ov4RYqDSF0E3P0XGoOmlszZ4/AxA26u49sS1sZ2xtSwVrsm9+9I=
=n+pR
-----END PGP SIGNATURE-----
News for package flatpak
