Back to flatpak PTS page

Accepted flatpak 1.14.4-1+deb12u1 (source) into proposed-updates



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Thu, 18 Apr 2024 18:26:58 BST
Source: flatpak
Architecture: source
Version: 1.14.4-1+deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: Utopia Maintenance Team <pkg-utopia-maintainers@lists.alioth.debian.org>
Changed-By: Simon McVittie <smcv@debian.org>
Changes:
 flatpak (1.14.4-1+deb12u1) bookworm-security; urgency=high
 .
   * d/p/When-starting-non-static-command-using-bwrap-use.patch,
     d/p/test-run-Add-a-reproducer-for-CVE-2024-32462.patch:
     Don't allow an executable name to be misinterpreted as a command-line
     option for bwrap(1). This prevents a sandbox escape where a malicious
     or compromised app could ask xdg-desktop-portal to generate a .desktop
     file with access to files outside the sandbox. (CVE-2024-32462)
   * d/gbp.conf: Use debian/bookworm packaging branch
Checksums-Sha256: 
 4d24771540c47fc79172311e1df3e6afa9e1878ea5d0be675d2052bf8d82c2bb 3566 flatpak_1.14.4-1+deb12u1.dsc
 8a34dbd0b67c434e7598b98ec690953d046f0db26e480aeafb46d72aec716799 1637484 flatpak_1.14.4.orig.tar.xz
 000ff7ff87d6ff8b66498dea87e0afa618a85bf0860137ebade46427e6f137f5 35992 flatpak_1.14.4-1+deb12u1.debian.tar.xz
 f887f41af67235b4deca08f061d032a8a358638841db52dbb016ee1ec041f65a 12176 flatpak_1.14.4-1+deb12u1_source.buildinfo
Checksums-Sha1: 
 fad9f4c2b63d0878b43d5075adbb3a206e23a1d5 3566 flatpak_1.14.4-1+deb12u1.dsc
 ce72230b06014ff8848904ada2caca8b423c8995 1637484 flatpak_1.14.4.orig.tar.xz
 d91157a2a2e2c368e821e04f54028ace7d35f47a 35992 flatpak_1.14.4-1+deb12u1.debian.tar.xz
 7d515fb88b157b2db7284574e8f65b6d0bff5b80 12176 flatpak_1.14.4-1+deb12u1_source.buildinfo
Files: 
 5d69069d3d80d604bd792c4e3a0b187d 3566 admin optional flatpak_1.14.4-1+deb12u1.dsc
 de04545ae7d547fdb65db93601591531 1637484 admin optional flatpak_1.14.4.orig.tar.xz
 1fb581982793b2b09e1c31622c6ba474 35992 admin optional flatpak_1.14.4-1+deb12u1.debian.tar.xz
 e1db90bdb553e9f24e36d86f2f77932a 12176 admin optional flatpak_1.14.4-1+deb12u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEENuxaZEik9e95vv6Y4FrhR4+BTE8FAmYhbWMACgkQ4FrhR4+B
TE8qrQ/9GF7xiDL9BW3PwH6hSETzIs0uPMFhnXA6YBrSH8TMfoU4KRAJqFbxWwuu
N4b23BxxdFbldwjXnmvak+9EHhw0oCyOZD2IP0CErK9mhHSwSoZxJUQAvgqsmrLb
u7f7drGAHinzRuupi0JYVW4tP/3V5nlir1ZRtcg3AJbpgZfnOvhguSsWS3pz5DOw
Fm90EcldUts4IZwqqrCCGbS/2i+uU0FVt0GAl+999eRwxznbb3MpyyaKeRfbonGn
W1IngXsueULIuIb/onn+4hKg+X1QcohT16HANQMSH2X06Oqm9NLY9h3UfZKnJK2p
yjPuAxUHPV45f4OvDa0opwveOISCALAB/FznToV1Psgqgzk1qPHjWE8VWS8tT5aj
F/cYyLZouivdWjPJudOjOZR7JTrl6o9GnskuFBFirY6VNdBObIMxex1k5bjPfIZh
KwSrM5CLfE4L2gtOGUpQ/g0fOeFfTaG+TtksS8q5yvQh1FoEeT6y/QENLPeRijQp
WZN7Lt92Tm/KS8SRPCvB6ZHUoqDJUZHiVJEMtldZc2CKJuMNrljF4dEb8CIb4e+A
RxvgEFLuv1M3ZnLjarSS7W2S1JBayJnnROs2Kh/aPQRvXij69OQbyk8PWZBEmqXx
EWiVeDJMAPdpypx+h8QCpIjxmjCMA+4R2lqKMh3Ygma5pcDTbus=
=btKX
-----END PGP SIGNATURE-----

Attachment: pgptn_oryDENC.pgp
Description: PGP signature