[Pkg-utopia-maintainers] flatpak_1.10.8-0+deb11u2_source.changes ACCEPTED into oldstable-proposed-updates->oldstable-new
Debian FTP Masters
ftpmaster at ftp-master.debian.org
Fri Apr 19 19:19:30 BST 2024
Thank you for your contribution to Debian.
Mapping oldstable-security to oldstable-proposed-updates.
Accepted:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 18 Apr 2024 18:17:20 BST
Source: flatpak
Architecture: source
Version: 1.10.8-0+deb11u2
Distribution: bullseye-security
Urgency: high
Maintainer: Utopia Maintenance Team <pkg-utopia-maintainers at lists.alioth.debian.org>
Changed-By: Simon McVittie <smcv at debian.org>
Changes:
flatpak (1.10.8-0+deb11u2) bullseye-security; urgency=high
.
* d/p/When-starting-non-static-command-using-bwrap-use.patch,
d/p/test-run-Add-a-reproducer-for-CVE-2024-32462.patch:
Don't allow an executable name to be misinterpreted as a command-line
option for bwrap(1). This prevents a sandbox escape where a malicious
or compromised app could ask xdg-desktop-portal to generate a .desktop
file with access to files outside the sandbox. (CVE-2024-32462)
Checksums-Sha256:
522a4021f1e3e004134f697c9af03d215f4c821585aac5fc451976a9ed690be4 3564 flatpak_1.10.8-0+deb11u2.dsc
65569dbf31344581a1e7782d09e702bb41e7011ae21cd021c414a2925f84b82c 1531752 flatpak_1.10.8.orig.tar.xz
2f4d3e8ed738dd5bfe531de6bd29ff7b1e9ec24db228b327298761c2b290093c 33824 flatpak_1.10.8-0+deb11u2.debian.tar.xz
1f8d5fd6cf89e161a1b04154e0b05b989283574347b2bc7e7bc2d8c595f4ab6e 12517 flatpak_1.10.8-0+deb11u2_source.buildinfo
Checksums-Sha1:
afe14c8e0e8fb474fd651fa2ccad6fbcf19ca05d 3564 flatpak_1.10.8-0+deb11u2.dsc
89420d434afa1d3bb9c43450935fd13e37ddc439 1531752 flatpak_1.10.8.orig.tar.xz
89b2af4d09ae8a352324240d0b3ecce12cf76190 33824 flatpak_1.10.8-0+deb11u2.debian.tar.xz
52e1ac5a563d5d2aa8b664699958028b7cd9ea55 12517 flatpak_1.10.8-0+deb11u2_source.buildinfo
Files:
9e9c1c923ba858dc532342040160ebfb 3564 admin optional flatpak_1.10.8-0+deb11u2.dsc
25ee921580f591e87b1a8a476026e67f 1531752 admin optional flatpak_1.10.8.orig.tar.xz
1b9a399fcfc2ea9f454ffdf985615606 33824 admin optional flatpak_1.10.8-0+deb11u2.debian.tar.xz
bed1e30c3ba19ad8819e7e0cc94f614e 12517 admin optional flatpak_1.10.8-0+deb11u2_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEENuxaZEik9e95vv6Y4FrhR4+BTE8FAmYhbU4ACgkQ4FrhR4+B
TE8gYw/7B+DviQj6w1TX9WOwcnHwBmNJVWq2D2Aww306jtsoakbTdrkKmclYqQFW
/+egEYN9LCa/pY9qWe3gZJMNVpruTpY2E59shsQ+5xQyRzHR28kTn90wXGLdMD6E
isIg5Au4f6s+d/qYBy2eAxehSRHAci1St5WDtaYdcvPy2Hx+fsFSUSMi8rm4G69i
PlkM5KpxEa8FPwjCaHBSlzJY67RWzToD4LlGEnDzwDXRxsmBYcaj1GpL9jkJfX4Q
sug/VvQhuL9LNOaDPSjdjdoAYzwR9kxPGkb20T6kpweDHGA9q0VnxmzurmAIiUZy
Prcd0EKbNB0DzIJjctj6czISCjyHSiYrXJudWyqyHmsJKW8lndtVX8f01orUqTYM
OcUDjSZrQfsmioZ+YYm8CFYUtMEUMWh20/gaSfCQA9UzJ4fskiVb9/mSIg4C0/bs
9n0BWEhX4uPqyVeUkVXdDZswXa8E/u/kWjYd9cUP947CGGPi8PNXQu0k19WUKR+5
ROkchw6+URvKVwoxNHEwRld2JoKClrqm4faUXy3WTaIHlwqDXe6sPuNqor7Eem+u
WZZ0fWH167FMD3csPAjWKmJEEqIYW3uSRbkNbpAGV3MmvSJUs4Cx4jMKMmH2o6ql
9jcULTT5vcRNaiJpPGlt2RyfEasbc8sNjvkmOhuEiVocw7fSiAE=
=3Xwn
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 228 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-utopia-maintainers/attachments/20240419/0dfbdcbb/attachment.sig>
More information about the Pkg-utopia-maintainers
mailing list