-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Mon, 09 Jan 2017 18:19:10 +0000 Source: bubblewrap Binary: bubblewrap Architecture: amd64 source Version: 0.1.5-2~bpo8+1 Distribution: jessie-backports Urgency: high Maintainer: Utopia Maintenance Team <pkg-utopia-maintainers@lists.alioth.debian.org> Changed-By: Simon McVittie <smcv@debian.org> Closes: 850702 Description: bubblewrap - setuid wrapper for unprivileged chroot and namespace manipulation Changes: bubblewrap (0.1.5-2~bpo8+1) jessie-backports; urgency=medium . * Rebuild for jessie-backports - debian/gbp.conf: adjust for this branch . bubblewrap (0.1.5-2) unstable; urgency=high . * d/p/Call-setsid-before-executing-sandboxed-code-CVE-2017-5226.patch: Call setsid() before executing sandboxed code, preventing a sandboxed executable invoked with a controlling terminal (for example in Flatpak) from escalating its privileges by injecting keypresses into the controlling terminal with the TIOCSTI ioctl. (Closes: #850702; CVE-2017-5226) * d/control: remove Maintainer status from Laszlo Boszormenyi at his request. Add him to Uploaders instead, and hand the package over to the Utopia Maintenance Team (the same as OSTree and Flatpak). . bubblewrap (0.1.5-1) unstable; urgency=medium . * New upstream release - drop all patches, applied upstream - debian/copyright: update for build system additions Checksums-Sha1: d90de70102a82bf66cad2dffc6ecb728d3bdc24d 2170 bubblewrap_0.1.5-2~bpo8+1.dsc afe97d1011195783547101fcac29cd6f593fb1bf 5488 bubblewrap_0.1.5-2~bpo8+1.debian.tar.xz 2ce94199985f39d145c18c2a9e22a4d79bf565f7 28002 bubblewrap_0.1.5-2~bpo8+1_amd64.deb Checksums-Sha256: 7cf5b1918f6d3070d70bdd3d61210b314fc3c119d0f84b993d7614070e52e1e6 2170 bubblewrap_0.1.5-2~bpo8+1.dsc 2eb58a9b072497ad7ea20f6d8b2dfb7971feb2e0a5cba1ecb1965c83e0b68d05 5488 bubblewrap_0.1.5-2~bpo8+1.debian.tar.xz c9963ac9da30e50a647420d3bd07d467ed93f3f17b73bb36cf1540d176ec5c13 28002 bubblewrap_0.1.5-2~bpo8+1_amd64.deb Files: a718e62b15715dab4014461364277069 2170 admin optional bubblewrap_0.1.5-2~bpo8+1.dsc c2d4136e08d61079cf3d513c3216051f 5488 admin optional bubblewrap_0.1.5-2~bpo8+1.debian.tar.xz 81a638c812d7c8760ba4b126a6341cbe 28002 admin optional bubblewrap_0.1.5-2~bpo8+1_amd64.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEE2pjyXAhxxJpZ6v8sTej/KmPHzJAFAlhz3BQACgkQTej/KmPH zJAuyA//c7qHD0NnGwH5fu51aSehZ/pA7JLx8uLCs3uFLqpWV9Ku/QeXH2dQgjBp 7GSp4H14BI2YgoaqvQz0u3ZjNsTpgo4YILpVzM62CuyCWjVRf0ItWmkXkA98pj0t Hga4jF4aY4AFiaMNvd20pDfDa66wMhj5wHzW85Jvkyb1FOAfUmJ+cBoGSO4FdYY4 bJrNylb4afbIZ/aOHS9lPxIt682zCH2CK6HIGVbiuTr9u1GFuPfXv20QMvoKJOfb 2EoQTRy2lEfV7k/LZrtKMty/T3wh9v7eEPqCFtfebCDBdwTNnG3r+qL9Fn7OFyKv EN0usZYKls3PzAu0KNHd1sYvtfU7duGtA+0QZ230FL3SEXtUTyFRF5qKr/TWJsm4 99HKKWj+GyAsHprYTqVcBDTeB+BHDgX6xD/J/siSLPtC5tXwnls9vypck9Mm8/Pn liARRPuKgt0TGHDL//I01nc+jVQOlfpGTrzH1iFv3NBJH2t+SDZuXGVMf813gPKK W2M8WGEfcI8/kqPLccCai0TqpT9FBj+7pxPY8mjILkMBwoYYoHlB/fWARGhKDki0 7wkkLr/t4rwJi3yM0tQJTxLoncWMmnc4gn7BrMwTfWd4wx+zdLgJBMIpyXrjQ3GI bCY+7nLdEcyNFdACZIANG/FzXWwJWCbNYLberKbkXEqia67RlvI= =2aTf -----END PGP SIGNATURE-----