flatpak 1.14.10-1 source package in Ubuntu
Changelog
flatpak (1.14.10-1) unstable; urgency=high
* New upstream stable release
- Don't follow symbolic links when mounting persistent directories
(--persist option). This prevents a sandbox escape where a malicious
or compromised app could edit the symlink to point to a directory
that the app should not have been allowed to read or write.
(CVE-2024-42472, GHSA-7hgv-f2j8-xw87)
* d/control: Bump required bubblewrap version to 0.10.0.
This adds the new --bind-fd option, required to solve CVE-2024-42472
without introducing a race condition.
-- Simon McVittie <email address hidden> Wed, 14 Aug 2024 15:03:33 +0100
Upload details
- Uploaded by:
- Utopia Maintenance Team
- Uploaded to:
- Sid
- Original maintainer:
- Utopia Maintenance Team
- Architectures:
- linux-any all
- Section:
- misc
- Urgency:
- Very Urgent
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Oracular | release | universe | misc |
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| flatpak_1.14.10-1.dsc | 3.9 KiB | a3ef7f0cc4b7c85f25d617fa6b31315eed1712b9b4b4ea42cd1389467f880f58 |
| flatpak_1.14.10.orig.tar.xz | 1.6 MiB | 6bbdc7908127350ad85a4a47d70292ca2f4c46e977b32b1fd231c2a719d821cd |
| flatpak_1.14.10.orig.tar.xz.asc | 833 bytes | 86f596ae816c77b6ee2789df177cc194d0a86d5ebd127d2a5c5cf99a627641ca |
| flatpak_1.14.10-1.debian.tar.xz | 35.0 KiB | 4e435d6e76cf150bbf6021ce5546553238941bd35d2a158443fae6482cf64573 |
Available diffs
- diff from 1.14.8-1 to 1.14.10-1 (54.5 KiB)
No changes file available.
Binary packages built by this source
- flatpak: Application deployment framework for desktop apps
Flatpak installs, manages and runs sandboxed desktop application bundles.
Application bundles run partially isolated from the wider system, using
containerization techniques such as namespaces to prevent direct access
to system resources. Resources from outside the sandbox can be accessed
via "portal" services, which are responsible for access control; for
example, the Documents portal displays an "Open" dialog outside the
sandbox, then allows the application to access only the selected file.
.
Each application uses a specified "runtime", or set of libraries, which is
available as /usr inside its sandbox. This can be used to run application
bundles with multiple, potentially incompatible sets of dependencies within
the same desktop environment.
.
This package contains the services and executables needed to install and
launch sandboxed applications, and the portal services needed to provide
limited access to resources outside the sandbox.
- flatpak-dbgsym: debug symbols for flatpak
- flatpak-tests: Application deployment framework for desktop apps (tests)
Flatpak installs, manages and runs sandboxed desktop application bundles.
See the flatpak package for a more comprehensive description.
.
This package contains automated tests.
- flatpak-tests-dbgsym: debug symbols for flatpak-tests
- gir1.2-flatpak-1.0: Application deployment framework for desktop apps (introspection)
Flatpak installs, manages and runs sandboxed desktop application bundles.
See the flatpak package for a more comprehensive description.
.
This package can be used by other packages using the GIRepository format to
generate dynamic bindings for libflatpak0.
- libflatpak-dev: Application deployment framework for desktop apps (development)
Flatpak installs, manages and runs sandboxed desktop application bundles.
See the flatpak package for a more comprehensive description.
.
This package contains development headers and pkg-config metadata
for libflatpak0, and the flatpak-coredump and flatpak-bisect scripts used
to debug Flatpak applications.
- libflatpak-doc: Application deployment framework for desktop apps (documentation)
Flatpak installs, manages and runs sandboxed desktop application bundles.
See the flatpak package for a more comprehensive description.
.
This package contains reference documentation for libflatpak0.
- libflatpak0: Application deployment framework for desktop apps (library)
Flatpak installs, manages and runs sandboxed desktop application bundles.
See the flatpak package for a more comprehensive description.
.
This package contains the flatpak shared library, used by higher level
package management tools like gnome-software.
- libflatpak0-dbgsym: debug symbols for libflatpak0
