Accepted flatpak 1.14.4-1 (source) into unstable
- To: debian-devel-changes@lists.debian.org
- Subject: Accepted flatpak 1.14.4-1 (source) into unstable
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Thu, 16 Mar 2023 15:05:01 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: flatpak_1.14.4-1_source.changes
- Debian-source: flatpak
- Debian-suite: unstable
- Debian-version: 1.14.4-1
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=1Phj85miZHtUv69vuniot/7OsJvsZUN6U7NQ8CpYsRc=; b=gxC6L3+3QTPOQhpBDC3oCXpBQO YKdpMe15tTfRdWjVZFa4KW48gl9hLDMDBXdT0tsbwNEW4r/gW6q2AYMiEXq4SA1nT7c+ThlMBndsy K/mrtRBBLBBQ0cVzU6eMFgBPgTRhpK5Puja7Ascm9PHALnnMeoQkEHpT5JlHcTj4hWTBWZpsSr2Un v4fhxNi15udDP33U0rkrSkHJH4tx2ObtrIaGI7uT8FCJATOWgEmk7Pl9U1E7ysAlC7w42MqQdyyF1 9VzQ61lt2Zn94eJ0NYGkqL9MEl1nkCcXvqgN95HYHK5lza5ikaL56NOXS7yevS7Oai+LHPLXD6LfU HeoabOJA==;
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1pcpA5-00BnPu-VF@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 16 Mar 2023 10:39:01 +0000
Source: flatpak
Architecture: source
Version: 1.14.4-1
Distribution: unstable
Urgency: high
Maintainer: Utopia Maintenance Team <pkg-utopia-maintainers@lists.alioth.debian.org>
Changed-By: Simon McVittie <smcv@debian.org>
Changes:
flatpak (1.14.4-1) unstable; urgency=high
.
* New upstream security fix release
- Escape special characters when displaying permissions and metadata,
preventing malicious apps from manipulating the appearance of the
permissions list using crafted metadata (CVE-2023-28101)
- If a Flatpak app is run on a Linux virtual console (tty1, etc.),
don't allow copy/paste via the TIOCLINUX ioctl (CVE-2023-28100).
Note that this is specific to virtual consoles: Flatpak is not
vulnerable to this if run from a graphical terminal emulator such
as xterm, gnome-terminal or Konsole.
- Translation update: pl
Checksums-Sha1:
545fe31fe7715b910fe186093905cc4697a744df 3647 flatpak_1.14.4-1.dsc
ce72230b06014ff8848904ada2caca8b423c8995 1637484 flatpak_1.14.4.orig.tar.xz
c00e1df27956daf0d67190c4be352c628ec285f4 34488 flatpak_1.14.4-1.debian.tar.xz
a8ea91af628568701d401ae22142c9f4f3ba7b9d 11646 flatpak_1.14.4-1_source.buildinfo
Checksums-Sha256:
158be440f8e22ac7ae5563b51e1a38088987b2be9c8bdc9932c0fdac02f641ea 3647 flatpak_1.14.4-1.dsc
8a34dbd0b67c434e7598b98ec690953d046f0db26e480aeafb46d72aec716799 1637484 flatpak_1.14.4.orig.tar.xz
bf0b74331e3a684e0b4c524f44757a79d2e90cb22418cf8934b2c10c839e5710 34488 flatpak_1.14.4-1.debian.tar.xz
e0ca70208d7ce768e700c09cc4ccd0f58d5848c678068f3e778722eea697d818 11646 flatpak_1.14.4-1_source.buildinfo
Files:
048b8e0cfe43d8cded50e693a8fe7a15 3647 admin optional flatpak_1.14.4-1.dsc
de04545ae7d547fdb65db93601591531 1637484 admin optional flatpak_1.14.4.orig.tar.xz
ba773bc57ca65aaae93ce8f8b4ac7ea3 34488 admin optional flatpak_1.14.4-1.debian.tar.xz
4c989fe0d9d634bc6f3d18f5f5ceb985 11646 admin optional flatpak_1.14.4-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEENuxaZEik9e95vv6Y4FrhR4+BTE8FAmQTLRUACgkQ4FrhR4+B
TE++fg//SjRrFsrcql07WKkxFi7BO6Dp/LsgMTbhpNnYymG9jSor3LKKyYc0MFi+
6Nh/yNHna1s5mY8mNrFvUSVYuqHbxjLXWX2+w8PvhIeXMX7yeNUP7ZDZFM8kWej2
eEekxW16AP2PYgquR4EQiXei52tqL6nGgAegeNdR/DKtUKR1FiLQkykrZNT7pRDw
WY2WEiJ+By+pAiMwGRpfQg/RE/qoL3aPrEUaRP63r1gY6I5xB6oOnoamBHzUyFdp
u5yf25bmGOQXkNiPemnoPYduPVvHAxrHJtxCjAOqP8yqwYjq9sYtjmrT7edFIeJ5
tEQijVs0dluF1aRE+/ljVEgI2U17ihdN9NiIwF6tgRV9huUrYJ6qT52+H8PSquqK
rbD0jRjvUVotR1w6F0dWfQpmU3QYeDDF3b7MXWcV7QjHNfgYsBT1vYQWoIdXjGoc
K6ujbmGMJ7dNPpagAK6BRkXnSIDgTC1uaWZSU/rAcog3aS3WmpnKsTVbBQjCwec+
IM6anOxnY1SH//+klL/pJuoVgGmx5RW1/v+DgY5jisirNNmvIGhxViSdAPOgsXib
vUqKVDZ6F5HLSAhKFTIsdb5aDE8EV1aqIcZkbdVC/7jYpOKc10tTC38Vts5f9DEO
kJJNZZREtNF66KVoyHOr8+IneWPPwqUlSCt71jcem5Ag8wnqpQA=
=aB8F
-----END PGP SIGNATURE-----