-
bubblewrap (0.1.7-1) unstable; urgency=medium
* New upstream release
- effectively the same as 0.1.6-2
- drop all patches
-- Simon McVittie <email address hidden> Thu, 19 Jan 2017 14:33:46 +0000
-
bubblewrap (0.1.5-2) unstable; urgency=high
* d/p/Call-setsid-before-executing-sandboxed-code-CVE-2017-5226.patch:
Call setsid() before executing sandboxed code, preventing a
sandboxed executable invoked with a controlling terminal (for
example in Flatpak) from escalating its privileges by injecting
keypresses into the controlling terminal with the TIOCSTI
ioctl. (Closes: #850702; CVE-2017-5226)
* d/control: remove Maintainer status from Laszlo Boszormenyi at his
request. Add him to Uploaders instead, and hand the package over
to the Utopia Maintenance Team (the same as OSTree and Flatpak).
-- Simon McVittie <email address hidden> Mon, 09 Jan 2017 18:09:54 +0000
-
bubblewrap (0.1.5-1) unstable; urgency=medium
* New upstream release
- drop all patches, applied upstream
- debian/copyright: update for build system additions
-- Simon McVittie <email address hidden> Tue, 20 Dec 2016 11:25:23 +0000
-
bubblewrap (0.1.4-2) unstable; urgency=medium
* d/tests/*: only run tests on a real or virtual machine, not in a
container. bubblewrap is effectively already a container, and
nesting containers doesn't work particularly well.
Unfortunately this means the tests won't work on ci.debian.net,
which uses LXC.
-- Simon McVittie <email address hidden> Thu, 01 Dec 2016 12:42:33 +0000
-
bubblewrap (0.1.3-1) unstable; urgency=medium
* New upstream release
- bring back --set-hostname, the upstream fix for CVE-2016-8659
makes it no longer a vulnerability
-- Simon McVittie <email address hidden> Sun, 16 Oct 2016 14:32:11 +0100
-
bubblewrap (0.1.2-2) unstable; urgency=high
* Revert addition of --set-hostname as a short-term fix for
CVE-2016-8659 (Closes: #840605)
-- Simon McVittie <email address hidden> Thu, 13 Oct 2016 11:12:38 +0100
-
bubblewrap (0.1.2-1) unstable; urgency=medium
* New upstream release
-- Simon McVittie <email address hidden> Fri, 09 Sep 2016 09:22:57 +0100
-
bubblewrap (0.1.1-1) unstable; urgency=medium
* New upstream release
- drop patch, included upstream
-- Simon McVittie <email address hidden> Sun, 17 Jul 2016 09:08:35 +0100
-
bubblewrap (0.1.0-3) unstable; urgency=medium
* d/control: bubblewrap is Multi-Arch: foreign
* Hardening: build as a position-independent executable with
eager symbol binding
-- Simon McVittie <email address hidden> Wed, 06 Jul 2016 11:07:32 +0100
-
bubblewrap (0.1.0-2) unstable; urgency=medium
* Run basic and dev autopkgtests in addition to userns
* Really add the regression test for keeping CAP_NET_ADMIN
* debian/gbp.conf: add DEP-14-style git-buildpackage configuration
* Normalize package lists via `wrap-and-sort -abst`
* Add Vcs-Git, Vcs-Browser metadata
* d/p/build-put-libraries-in-LDADD-not-LDFLAGS.patch: new patch
fixing linking with -Wl,--as-needed (closes: #826787)
-- Simon McVittie <email address hidden> Tue, 14 Jun 2016 16:28:09 -0400
-
bubblewrap (0~git160513-2) unstable; urgency=low
* Install bwrap binary setuid (closes: #824646).
* Make libselinux1-dev build dependency Linux only.
-- Laszlo Boszormenyi (GCS) <email address hidden> Thu, 19 May 2016 15:24:35 +0000
