1. Forum
  2. Usenet
  3. LINUX.DEBIAN.CHANGES.DEVE

  • Accepted flatpak 1.14.6-1 (source) into unstable

    From Debian FTP Masters@21:1/5 to All on Thu Apr 18 18:40:02 2024
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA256

    Format: 1.8
    Date: Wed, 17 Apr 2024 19:34:28 +0100
    Source: flatpak
    Architecture: source
    Version: 1.14.6-1
    Distribution: unstable
    Urgency: high
    Maintainer: Utopia Maintenance Team <pkg-utopia-maintainers@lists.alioth.debian.org>
    Changed-By: Simon McVittie <smcv@debian.org>
    Changes:
    flatpak (1.14.6-1) unstable; urgency=high
    .
    * New upstream stable release 1.14.6
    - Don't allow an executable name to be misinterpreted as a command-line
    option for bwrap(1). This prevents a sandbox escape where a malicious
    or compromised app could ask xdg-desktop-portal to generate a .desktop
    file with access to files outside the sandbox. (CVE-2024-32462)
    - Don't parse `<developer><name/></developer>` as the application name
    * d/control: Drop alternative dependencies on transitional policykit-1.
    polkitd was released in Debian 12 and Ubuntu 22.04.
    Checksums-Sha1:
    5dbdb0f5088699c195f51fefe29703eef33cd613 3947 flatpak_1.14.6-1.dsc
    4b188203f922b2058a068acde1c7ff1be2b7c907 1644056 flatpak_1.14.6.orig.tar.xz
    f35f25faf791811fe2cc8f9a37325c4f0b00a9a7 833 flatpak_1.14.6.orig.tar.xz.asc
    cca9f9429e8994bb461b4411ce3da9fa65002deb 35100 flatpak_1.14.6-1.debian.tar.xz
    6aedf80851dc426bb50c17dad16493171bfb7ac8 13260 flatpak_1.14.6-1_source.buildinfo
    Checksums-Sha256:
    df11177d6d6e31f1665764e7a8a6f8fbde73ace65d93901009491741f402efc1 3947 flatpak_1.14.6-1.dsc
    538f36b2c6f8c70eefd12d13ad5b1ad830820106a8bd3a9f6b8e4d9de81e4946 1644056 flatpak_1.14.6.orig.tar.xz
    cea823b8b03abcdc07c92912f8795e046912ad616c9ade4149abf10703d37ec7 833 flatpak_1.14.6.orig.tar.xz.asc
    81bd91e50df8f8d1430823fbce06dee13d5ec789a6bd908069b87cf8445eaad2 35100 flatpak_1.14.6-1.debian.tar.xz
    638fc2349786baa5e881d73ee81a3c52d8663005859da3937ac1a7f48c37eae0 13260 flatpak_1.14.6-1_source.buildinfo
    Files:
    1b92a239add2460af327d3a87ffec2e2 3947 admin optional flatpak_1.14.6-1.dsc
    9ac68b1521067c400b3be401e533d20e 1644056 admin optional flatpak_1.14.6.orig.tar.xz
    5b164168c9c4ee18596523c05010fc93 833 admin optional flatpak_1.14.6.orig.tar.xz.asc
    732349da8dad445cf76b7a2a56bd50df 35100 admin optional flatpak_1.14.6-1.debian.tar.xz
    6b2ffd3083644145010800dd1b42ac28 13260 admin optional flatpak_1.14.6-1_source.buildinfo

    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCAAdFiEENuxaZEik9e95vv6Y4FrhR4+BTE8FAmYhSdcACgkQ4FrhR4+B TE9t6BAAsDWOR6NOq+28uhgSFa0LxncnhCSzGzhphAtZOWN17VXCBFcDTTwNehZx xjzzb0oodqFmElFlQtLsEJt2WMIbFup8yLy8gzFyr2ivRbhZ3HPpAKc2FW5sBT85 XIyRKRX/WI7nyy8cN+l9nKbo9gks+/K9XatZTqyRfgL/Po13paFjmPZMN/ifPPAl /73MjuSUkdRRcU23MtQkGDMiDGLat3hFNJcfd513854Z4NgpGkWdyeQoHT48IwfX fY1te+DYBn/ZBMFJqJTiduionDHCoVEiE4KZQY5aot1H+McRUDpnQqFD2xDuEMJE DblpE0t0QzEwqzDIIc9D0kqYWwWl6sOxPzFbvQP/bYQVZeTa1Zc0wtVNqnHLKjq3 /qA2z/d8muWiLDr8hpScG6N4/xBdi8O/nnpwes1hZvExoxqspIw5tpXHcx5ApVQx KiiVj9LAnvJjPY7WdM92aW7LLw0UDUjFP71+D7wOIrC5vbIg15SMpwvhlDrivzMZ 9j2fbyr0G/ed1A1ntvGjnAW4a3tUio9i1ihWYoCLRlxQRCjgkVaibh1YOJOAPOGs ULJBc6OCyveEgPANDWZyV7D8JOueta/S8BNAkpNEr2+hpFk6KQ0RZ9LFfne0AZ+b kCNgPi9UJq2Ote8+F62zildc/rnru1TyaD7Glni/lYE+q1kqwmQ=
    =NH3v
    -----END PGP SIGNATURE-----


    --==============†08937136396128400=Content-Type: application/pgp-signature

    -----BEGIN PGP SIGNATURE-----

    iHUEABYIAB0WIQTziqJOuF8J+ZI8pJSb9qggYcy5IQUCZiFLkgAKCRCb9qggYcy5 IXTFAP9Z6HALtgBw+ZLA2PBIX77/h+E6/loSXT4Hc8X20s634gD/b/UA28fmp5q4 enmAPg8NJ0l7p85fCBcFHlnL0lB/mQY=4JEB
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)