Format: 1.8
Date: Wed, 17 Apr 2024 19:43:12 +0100
Source: flatpak
Binary: flatpak flatpak-dbgsym flatpak-tests flatpak-tests-dbgsym gir1.2-flatpak-1.0 libflatpak-dev libflatpak0 libflatpak0-dbgsym
Architecture: amd64
Version: 1.10.8-0+deb11u2
Distribution: bullseye-security
Urgency: high
Maintainer: amd64 / i386 Build Daemon (x86-ubc-01)
Changed-By: Simon McVittie
Description:
 flatpak - Application deployment framework for desktop apps
 flatpak-tests - Application deployment framework for desktop apps (tests)
 gir1.2-flatpak-1.0 - Application deployment framework for desktop apps (introspection)
 libflatpak-dev - Application deployment framework for desktop apps (development)
 libflatpak0 - Application deployment framework for desktop apps (library)
Changes:
 flatpak (1.10.8-0+deb11u2) bullseye-security; urgency=high
 .
   * d/p/When-starting-non-static-command-using-bwrap-use.patch,
     d/p/test-run-Add-a-reproducer-for-CVE-2024-32462.patch:
     Don't allow an executable name to be misinterpreted as a command-line
     option for bwrap(1). This prevents a sandbox escape where a malicious
     or compromised app could ask xdg-desktop-portal to generate a .desktop
     file with access to files outside the sandbox. (CVE-2024-32462)