[Pkg-utopia-maintainers] bubblewrap_0.1.7-1~bpo8+1_source+binary.changes ACCEPTED into jessie-backports->backports-policy
Debian FTP Masters
ftpmaster at ftp-master.debian.org
Mon Feb 27 13:03:32 UTC 2017
Accepted:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Mon, 27 Feb 2017 11:05:06 +0000
Source: bubblewrap
Binary: bubblewrap
Architecture: source amd64
Version: 0.1.7-1~bpo8+1
Distribution: jessie-backports
Urgency: medium
Maintainer: Utopia Maintenance Team <pkg-utopia-maintainers at lists.alioth.debian.org>
Changed-By: Simon McVittie <smcv at debian.org>
Description:
bubblewrap - setuid wrapper for unprivileged chroot and namespace manipulation
Changes:
bubblewrap (0.1.7-1~bpo8+1) jessie-backports; urgency=medium
.
* Rebuild for jessie-backports
- debian/gbp.conf: adjust for this branch
.
bubblewrap (0.1.7-1) unstable; urgency=medium
.
* New upstream release
- effectively the same as 0.1.6-2
- drop all patches
.
bubblewrap (0.1.6-2) unstable; urgency=medium
.
* d/p/Make-the-call-to-setsid-optional-with-new-session.patch:
Add patch from upstream to make the setsid() that addresses
CVE-2017-5226 optional, because it breaks interactive shells.
Users of bubblewrap to confine untrusted programs should either
add --new-session to the bwrap command line, or prevent the
TIOCSTI ioctl with a seccomp filter instead (as Flatpak does).
- d/control: add Breaks on versions of Flatpak that did not
load the necessary seccomp filter to prevent CVE-2017-5226
* d/p/demos-bubblewrap-shell.sh-Unshare-all-namespaces.patch:
Add patch from upstream to improve example code
* d/p/Call-setsid-and-setexeccon-befor-forking-the-init-monitor.patch,
d/p/Install-seccomp-filter-at-the-very-end.patch:
Add patches from upstream to re-order initialization. This means
the seccomp filter is no longer required to account for syscalls that
are made by bwrap itself.
* d/p/Add-unshare-all-and-share-net.patch:
Add patch from upstream introducing new command line options
--unshare-all and --share-net, for a more whitelist-based approach
to sharing namespaces with the parent.
.
bubblewrap (0.1.6-1) unstable; urgency=medium
.
* New upstream release
- drop the only patch, applied upstream
* debian/patches: update to upstream master for additional fixes
to SIGCHLD handling and documentation, and improved hardening
against being able to obtain capabilities
* debian/bubblewrap.examples: install upstream examples
Checksums-Sha1:
5b4285caa051e996f9be959eb5dfeea6e5ca4abe 2170 bubblewrap_0.1.7-1~bpo8+1.dsc
c093b95ef2cb9f4676a1e1f83cd3eb1a5e8f6af4 5724 bubblewrap_0.1.7-1~bpo8+1.debian.tar.xz
86501e7f131918df6334cb63cb43366627545925 30804 bubblewrap_0.1.7-1~bpo8+1_amd64.deb
Checksums-Sha256:
cd8357e15cfc32cbc1ac33423f1c1e7696a15ea798d155bfd1a1499fb0661901 2170 bubblewrap_0.1.7-1~bpo8+1.dsc
46ec803ca2d997192f3decbce34ec09cf66912d0d0b2113657ca5e40b59ebadf 5724 bubblewrap_0.1.7-1~bpo8+1.debian.tar.xz
5b99dfb44dac6bfa2b031ab0dcc2ff88f31f1b746bacbd7fd4ea7d75c4156313 30804 bubblewrap_0.1.7-1~bpo8+1_amd64.deb
Files:
6a8425dc585cba9df1fa0816e3682d67 2170 admin optional bubblewrap_0.1.7-1~bpo8+1.dsc
2801ab4d8296e69ca0f0f40754d51240 5724 admin optional bubblewrap_0.1.7-1~bpo8+1.debian.tar.xz
6f96cd92599f5ebb68fd8861dd569fb1 30804 admin optional bubblewrap_0.1.7-1~bpo8+1_amd64.deb
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEE2pjyXAhxxJpZ6v8sTej/KmPHzJAFAli0IMUACgkQTej/KmPH
zJD7Dw//b/VmetG9B69KNo8IDj813HG98LrDd4j/ur1M12hXMinjrVUMpzdBUpxg
J8EwVD5J7rftYR6Iys53hWTaZZDRFu+qiQqu/vpJZWS8Xd7avBk8Uv/usPp89zzT
RpN70+/ZM/8MYC80/QwlxQ33wk/9M+d7Z75XyvNgiFDff9RoU5oyQnedJX088BfZ
k9/KEYwR8UxXcHWOmc9vNFaHK1JtGM5QKVo+xdUV/FrSPFCMed8D5JiAv5oesAiB
ZDgmyZXJr7AH+ccSKFPNSgGNuX3cE//8f/VEemoDVYrsSqnP4gpo5vIt29FpmeWV
uyJsd5m7bZ2P8oB0oymrZjR96Na1sK7MdeWaN81doaYm2xvXG0vYl227QBa/EWCO
F+Hcw9Lxr/YYwbuG+WD8+CGrNmjcwjqzDQSLhbY2fVXqQtg9KXvTVpqWMOjsGLkL
Bu+fVJXVR/cvGpCdeXErU7HfAEm3Gv3MmMnOWk89nIBaLxFbDZWcr+f/QCURxjy1
C3r30lOaT2Qf3siku/6mVOTv0Jl1cVuk5XVhNf+P2+Rt0KF816smUFhHjsVHLsX8
L6etjSEMn2RYvu7EC7m9wmUOTULW9B0Hti2lMuyBv/QFZeRSjWoVxs/7DOmjZ77H
m2bj9AOmTzK5gm6L0rAEQ933vtzrlhgYXTlf5CQhtoCPSELSqGA=
=x7L0
-----END PGP SIGNATURE-----
Thank you for your contribution to Debian.
More information about the Pkg-utopia-maintainers
mailing list