-
flatpak (1.14.4-1ubuntu1) lunar; urgency=medium
[ Simon McVittie ]
* Mention #1033098, #1033099 in previous changelog entry
[ Jeremy Bicha ]
* Cherry-pick 2 patches for compatibility with glib 2.76.0
-- Jeremy Bicha <email address hidden> Sat, 18 Mar 2023 19:43:33 -0400
-
flatpak (1.14.4-1) unstable; urgency=high
* New upstream security fix release
- Escape special characters when displaying permissions and metadata,
preventing malicious apps from manipulating the appearance of the
permissions list using crafted metadata (CVE-2023-28101)
- If a Flatpak app is run on a Linux virtual console (tty1, etc.),
don't allow copy/paste via the TIOCLINUX ioctl (CVE-2023-28100).
Note that this is specific to virtual consoles: Flatpak is not
vulnerable to this if run from a graphical terminal emulator such
as xterm, gnome-terminal or Konsole.
- Translation update: pl
-- Simon McVittie <email address hidden> Thu, 16 Mar 2023 10:39:01 +0000
-
flatpak (1.14.3-1) unstable; urgency=medium
* New upstream stable release
- Fix handling of apps superseded by an app of a different name
in GNOME Software (flatpak#5172)
- Fix a crash when an app has --socket=gpg-agent permission
(flatpak#5095)
- Fix a crash when listing broken or misconfigured apps (flatpak#5293)
- If an app has invalid syntax in its overrides or metadata, mention
the filename in the error message (flatpak#5293)
- Unset $GDK_BACKEND so that GTK apps with --socket=fallback-x11
work reliably (flatpak#5303)
- Ignore some --filesystem permissions which would otherwise prevent
all apps from starting (flatpak#1357, flatpak#5205, flatpak#5207)
- Show a warning when a --filesystem exists but cannot be shared with
the sandbox (flatpak#1357, flatpak#5035, flatpak#5205, flatpak#5207)
-- Simon McVittie <email address hidden> Mon, 27 Feb 2023 12:52:48 +0000
-
flatpak (1.14.2-1) unstable; urgency=medium
* New upstream stable release
* Update standards version to 4.6.2 (no changes needed)
-- Simon McVittie <email address hidden> Mon, 06 Feb 2023 17:21:47 +0000
-
flatpak (1.14.1-1) unstable; urgency=medium
* New upstream stable release
* Remove obsolete maintscript entries
* Avoid explicitly specifying -Wl,--as-needed linker flag, which is
the default with newer toolchains
-- Simon McVittie <email address hidden> Fri, 18 Nov 2022 13:45:56 +0000
-
flatpak (1.14.0-2) unstable; urgency=medium
* d/control: Add dependency on fuse3, for fusermount3.
Strictly speaking this is only needed for system installations, but
those are the default, and a missing fusermount3 produces unclear
symptoms.
* d/control: Depend on polkitd in preference to transitional policykit-1.
This package doesn't need pkexec.
* Update Lintian overrides
-- Simon McVittie <email address hidden> Fri, 02 Sep 2022 08:59:06 +0100
