1. Forum
  2. Usenet
  3. LINUX.DEBIAN.CHANGES

  • Accepted flatpak 1.10.7-0+deb11u1 (source) into proposed-updates->stabl

    From Debian FTP Masters@21:1/5 to All on Sat Jan 22 20:20:02 2022
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA256

    Format: 1.8
    Date: Tue, 18 Jan 2022 18:24:45 +0000
    Source: flatpak
    Architecture: source
    Version: 1.10.7-0+deb11u1
    Distribution: bullseye-security
    Urgency: high
    Maintainer: Utopia Maintenance Team <pkg-utopia-maintainers@lists.alioth.debian.org>
    Changed-By: Simon McVittie <smcv@debian.org>
    Changes:
    flatpak (1.10.7-0+deb11u1) bullseye-security; urgency=high
    .
    * New upstream stable release
    * Security fixes:
    - Prevent a malicious repository from arranging for permissions to be
    granted without being correctly displayed during installation
    (CVE-2021-43860, GHSA-qpjc-vq3c-572j)
    - Provide a new --nofilesystem=host:reset option which flatpak-builder
    can use to prevent malicious builds from creating directories
    outside the build directory (CVE-2022-21682, GHSA-8ch7-5j3h-g4fx)
    * Other bug fixes:
    - Fix error handling for syscalls that are only allowed with --devel
    (this change was already included in 1.10.5-0+deb11u1)
    - Improve diagnostic messages when seccomp rules cannot be applied
    - Update Polish translation
    - Clarify documentation related to CVE-2022-21682
    - Improve test coverage related to CVE-2022-21682
    - Be compatible with newer versions of python3-pyparsing
    (the version in Debian 11 generates identical code before and
    after this change)
    * d/p/Fix-handling-of-syscalls-only-allowed-by-devel.patch:
    Drop patch, included in 1.10.6
    * d/copyright: Update
    Checksums-Sha1:
    1240ace4e1542ffdb210ca18f61684822f95d124 3564 flatpak_1.10.7-0+deb11u1.dsc
    5f93e0a445a2e0088f114c2e2a192ce7a98faae2 1519520 flatpak_1.10.7.orig.tar.xz
    a2f4ecfda580108f4c3d3142c7110c21d6acbf07 32048 flatpak_1.10.7-0+deb11u1.debian.tar.xz
    16b1f8b21f1a76c9a55afc6b9f5e0e5dec70e415 11716 flatpak_1.10.7-0+deb11u1_source.buildinfo
    Checksums-Sha256:
    2caba7bc87daca0b1e2be2d74df8e6093da0a2d895e0d0381420cd738bd58c00 3564 flatpak_1.10.7-0+deb11u1.dsc
    6d10b13d435ca4d1c2bddb8338a85a19c8efd5df84ed97ef7d3c385bb56adb8d 1519520 flatpak_1.10.7.orig.tar.xz
    e60cf98ab4e3b3188fb090df0ad816b02bda19bd0bf1ab2ad2c85a06debf9e75 32048 flatpak_1.10.7-0+deb11u1.debian.tar.xz
    5cf2ed6386070d18221490273035d808d0eccefe68e6c9aef83de7ba7d166f70 11716 flatpak_1.10.7-0+deb11u1_source.buildinfo
    Files:
    bd23488f3686365f765975327912f1ec 3564 admin optional flatpak_1.10.7-0+deb11u1.dsc
    a711d9a1b056975bf4169be191c6bb8d 1519520 admin optional flatpak_1.10.7.orig.tar.xz
    33d125cfad4e6f4e4c9e9fbd890ef118 32048 admin optional flatpak_1.10.7-0+deb11u1.debian.tar.xz
    ea780247e6401116a6311041c19a976f 11716 admin optional flatpak_1.10.7-0+deb11u1_source.buildinfo

    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCAAdFiEENuxaZEik9e95vv6Y4FrhR4+BTE8FAmHoN+4ACgkQ4FrhR4+B TE/YEw//aEbfRInraqw6SbGKYtpiToYejoo8+lcriJWneZ46mdcfJjsztwJxo/zM ECUSdveg7bjbgOvGX9bAV36LYtefdW6jrGtadPvIZn7uXrFD8yvm39Jeh7r+kVrT xwdupoKuQa7X8g5Gt6T2h7fUwUWOAdurm2ssEwoVcfnEvDhFGfIFWzXmSXQxhKPQ HE1MCIksk8j0ZeJbhEOtZx2ONVA7/DUdV09jSmHYQvOdf08s9Kcf4CRFSkqz0eIU aeEtvSLC5xw1YkdTnclaYQilvAiM6C7drpFOTQfDnLCp1HWSc4L6jc++/UycMrgt M8qeNkXIxZ67o8fmqOXQ2X+fSC6SAEE3YquTIBg3Y8pTNN1sNyrFC4DbdRhWwVZU Jkwzm0QD/wewpFtaKIv/VzpHYASNF2vgMEAzNlEvZrEWwrQRmA9Dj1CmIecIae0H a056iiEYccqHVM5XqJa7QtSI77UwTrTxAyFUG3mvnHvN1AiTuIWAa5ae4OCdZvAn +CxgR8E2vGXHT8RFIjd1yUaKdP1+BH55RcHETJBb1IBDTSsKRh7QrZyklICUdVPK 7U33JfPPLyoHxo1OyuzkpwnTUpE5xpQsjFZ+4NwkYuy1jcsqMF/06kdtgq4E7CGG K//UxLqZw7chWrlZU2MpSFEF3JKP9jqHpoefzPyKkH6veOPjZvY=
    =nebJ
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)