[Pkg-utopia-maintainers] flatpak_1.10.8-0+deb11u2_source.changes ACCEPTED into oldstable-proposed-updates->oldstable-new

Debian FTP Masters ftpmaster at ftp-master.debian.org
Fri Apr 19 19:19:30 BST 2024


Thank you for your contribution to Debian.

Mapping oldstable-security to oldstable-proposed-updates.

Accepted:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Thu, 18 Apr 2024 18:17:20 BST
Source: flatpak
Architecture: source
Version: 1.10.8-0+deb11u2
Distribution: bullseye-security
Urgency: high
Maintainer: Utopia Maintenance Team <pkg-utopia-maintainers at lists.alioth.debian.org>
Changed-By: Simon McVittie <smcv at debian.org>
Changes:
 flatpak (1.10.8-0+deb11u2) bullseye-security; urgency=high
 .
   * d/p/When-starting-non-static-command-using-bwrap-use.patch,
     d/p/test-run-Add-a-reproducer-for-CVE-2024-32462.patch:
     Don't allow an executable name to be misinterpreted as a command-line
     option for bwrap(1). This prevents a sandbox escape where a malicious
     or compromised app could ask xdg-desktop-portal to generate a .desktop
     file with access to files outside the sandbox. (CVE-2024-32462)
Checksums-Sha256: 
 522a4021f1e3e004134f697c9af03d215f4c821585aac5fc451976a9ed690be4 3564 flatpak_1.10.8-0+deb11u2.dsc
 65569dbf31344581a1e7782d09e702bb41e7011ae21cd021c414a2925f84b82c 1531752 flatpak_1.10.8.orig.tar.xz
 2f4d3e8ed738dd5bfe531de6bd29ff7b1e9ec24db228b327298761c2b290093c 33824 flatpak_1.10.8-0+deb11u2.debian.tar.xz
 1f8d5fd6cf89e161a1b04154e0b05b989283574347b2bc7e7bc2d8c595f4ab6e 12517 flatpak_1.10.8-0+deb11u2_source.buildinfo
Checksums-Sha1: 
 afe14c8e0e8fb474fd651fa2ccad6fbcf19ca05d 3564 flatpak_1.10.8-0+deb11u2.dsc
 89420d434afa1d3bb9c43450935fd13e37ddc439 1531752 flatpak_1.10.8.orig.tar.xz
 89b2af4d09ae8a352324240d0b3ecce12cf76190 33824 flatpak_1.10.8-0+deb11u2.debian.tar.xz
 52e1ac5a563d5d2aa8b664699958028b7cd9ea55 12517 flatpak_1.10.8-0+deb11u2_source.buildinfo
Files: 
 9e9c1c923ba858dc532342040160ebfb 3564 admin optional flatpak_1.10.8-0+deb11u2.dsc
 25ee921580f591e87b1a8a476026e67f 1531752 admin optional flatpak_1.10.8.orig.tar.xz
 1b9a399fcfc2ea9f454ffdf985615606 33824 admin optional flatpak_1.10.8-0+deb11u2.debian.tar.xz
 bed1e30c3ba19ad8819e7e0cc94f614e 12517 admin optional flatpak_1.10.8-0+deb11u2_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEENuxaZEik9e95vv6Y4FrhR4+BTE8FAmYhbU4ACgkQ4FrhR4+B
TE8gYw/7B+DviQj6w1TX9WOwcnHwBmNJVWq2D2Aww306jtsoakbTdrkKmclYqQFW
/+egEYN9LCa/pY9qWe3gZJMNVpruTpY2E59shsQ+5xQyRzHR28kTn90wXGLdMD6E
isIg5Au4f6s+d/qYBy2eAxehSRHAci1St5WDtaYdcvPy2Hx+fsFSUSMi8rm4G69i
PlkM5KpxEa8FPwjCaHBSlzJY67RWzToD4LlGEnDzwDXRxsmBYcaj1GpL9jkJfX4Q
sug/VvQhuL9LNOaDPSjdjdoAYzwR9kxPGkb20T6kpweDHGA9q0VnxmzurmAIiUZy
Prcd0EKbNB0DzIJjctj6czISCjyHSiYrXJudWyqyHmsJKW8lndtVX8f01orUqTYM
OcUDjSZrQfsmioZ+YYm8CFYUtMEUMWh20/gaSfCQA9UzJ4fskiVb9/mSIg4C0/bs
9n0BWEhX4uPqyVeUkVXdDZswXa8E/u/kWjYd9cUP947CGGPi8PNXQu0k19WUKR+5
ROkchw6+URvKVwoxNHEwRld2JoKClrqm4faUXy3WTaIHlwqDXe6sPuNqor7Eem+u
WZZ0fWH167FMD3csPAjWKmJEEqIYW3uSRbkNbpAGV3MmvSJUs4Cx4jMKMmH2o6ql
9jcULTT5vcRNaiJpPGlt2RyfEasbc8sNjvkmOhuEiVocw7fSiAE=
=3Xwn
-----END PGP SIGNATURE-----

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 228 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-utopia-maintainers/attachments/20240419/0dfbdcbb/attachment.sig>


More information about the Pkg-utopia-maintainers mailing list