[Pkg-utopia-maintainers] flatpak_1.14.4-1+deb12u1_source.changes ACCEPTED into proposed-updates
Debian FTP Masters
ftpmaster at ftp-master.debian.org
Sat Apr 20 12:18:19 BST 2024
Thank you for your contribution to Debian.
Accepted:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 18 Apr 2024 18:26:58 BST
Source: flatpak
Architecture: source
Version: 1.14.4-1+deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: Utopia Maintenance Team <pkg-utopia-maintainers at lists.alioth.debian.org>
Changed-By: Simon McVittie <smcv at debian.org>
Changes:
flatpak (1.14.4-1+deb12u1) bookworm-security; urgency=high
.
* d/p/When-starting-non-static-command-using-bwrap-use.patch,
d/p/test-run-Add-a-reproducer-for-CVE-2024-32462.patch:
Don't allow an executable name to be misinterpreted as a command-line
option for bwrap(1). This prevents a sandbox escape where a malicious
or compromised app could ask xdg-desktop-portal to generate a .desktop
file with access to files outside the sandbox. (CVE-2024-32462)
* d/gbp.conf: Use debian/bookworm packaging branch
Checksums-Sha256:
4d24771540c47fc79172311e1df3e6afa9e1878ea5d0be675d2052bf8d82c2bb 3566 flatpak_1.14.4-1+deb12u1.dsc
8a34dbd0b67c434e7598b98ec690953d046f0db26e480aeafb46d72aec716799 1637484 flatpak_1.14.4.orig.tar.xz
000ff7ff87d6ff8b66498dea87e0afa618a85bf0860137ebade46427e6f137f5 35992 flatpak_1.14.4-1+deb12u1.debian.tar.xz
f887f41af67235b4deca08f061d032a8a358638841db52dbb016ee1ec041f65a 12176 flatpak_1.14.4-1+deb12u1_source.buildinfo
Checksums-Sha1:
fad9f4c2b63d0878b43d5075adbb3a206e23a1d5 3566 flatpak_1.14.4-1+deb12u1.dsc
ce72230b06014ff8848904ada2caca8b423c8995 1637484 flatpak_1.14.4.orig.tar.xz
d91157a2a2e2c368e821e04f54028ace7d35f47a 35992 flatpak_1.14.4-1+deb12u1.debian.tar.xz
7d515fb88b157b2db7284574e8f65b6d0bff5b80 12176 flatpak_1.14.4-1+deb12u1_source.buildinfo
Files:
5d69069d3d80d604bd792c4e3a0b187d 3566 admin optional flatpak_1.14.4-1+deb12u1.dsc
de04545ae7d547fdb65db93601591531 1637484 admin optional flatpak_1.14.4.orig.tar.xz
1fb581982793b2b09e1c31622c6ba474 35992 admin optional flatpak_1.14.4-1+deb12u1.debian.tar.xz
e1db90bdb553e9f24e36d86f2f77932a 12176 admin optional flatpak_1.14.4-1+deb12u1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEENuxaZEik9e95vv6Y4FrhR4+BTE8FAmYhbWMACgkQ4FrhR4+B
TE8qrQ/9GF7xiDL9BW3PwH6hSETzIs0uPMFhnXA6YBrSH8TMfoU4KRAJqFbxWwuu
N4b23BxxdFbldwjXnmvak+9EHhw0oCyOZD2IP0CErK9mhHSwSoZxJUQAvgqsmrLb
u7f7drGAHinzRuupi0JYVW4tP/3V5nlir1ZRtcg3AJbpgZfnOvhguSsWS3pz5DOw
Fm90EcldUts4IZwqqrCCGbS/2i+uU0FVt0GAl+999eRwxznbb3MpyyaKeRfbonGn
W1IngXsueULIuIb/onn+4hKg+X1QcohT16HANQMSH2X06Oqm9NLY9h3UfZKnJK2p
yjPuAxUHPV45f4OvDa0opwveOISCALAB/FznToV1Psgqgzk1qPHjWE8VWS8tT5aj
F/cYyLZouivdWjPJudOjOZR7JTrl6o9GnskuFBFirY6VNdBObIMxex1k5bjPfIZh
KwSrM5CLfE4L2gtOGUpQ/g0fOeFfTaG+TtksS8q5yvQh1FoEeT6y/QENLPeRijQp
WZN7Lt92Tm/KS8SRPCvB6ZHUoqDJUZHiVJEMtldZc2CKJuMNrljF4dEb8CIb4e+A
RxvgEFLuv1M3ZnLjarSS7W2S1JBayJnnROs2Kh/aPQRvXij69OQbyk8PWZBEmqXx
EWiVeDJMAPdpypx+h8QCpIjxmjCMA+4R2lqKMh3Ygma5pcDTbus=
=btKX
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 228 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-utopia-maintainers/attachments/20240420/9b75f115/attachment.sig>
More information about the Pkg-utopia-maintainers
mailing list