Revisions of flatpak
buildservice-autocommit
accepted
request 1170044
from
Dominique Leuenberger (dimstar)
(revision 197)
baserev update by copy to link target
Dominique Leuenberger (dimstar)
accepted
request 1170025
from
Robert Frohl (rfrohl)
(revision 196)
flatpak: build loop fix
Dominique Leuenberger (dimstar)
accepted
request 1169162
from
Dominique Leuenberger (dimstar)
(revision 195)
Dominique Leuenberger (dimstar)
accepted
request 1169145
from
Dominique Leuenberger (dimstar)
(revision 194)
- Don't allow an executable name to be misinterpreted as a command-line option for bwrap(1). This prevents a sandbox escape where a malicious or compromised app could ask xdg-desktop-portal to generate a .desktop file with access to files outside the sandbox. (CVE-2024-32462, boo#1223110). - Pass the -export-dynamic linker option as -Wl,-export-dynamic, fixing build failures with clang 18 and lld 18. - Fix a double-free when installation is cancelled. - Fix installed-tests failure with "FUSERMOUNT: unbound variable". - Changes from version 1.15.7: - Automatically remove obsolete driver versions and other autopruned refs. - --socket=inherit-wayland-socket. - Automatically reload D-Bus session bus configuration after installing or upgrading apps, to pick up any exported D-Bus services. - Don't parse <developer><name/></developer> as the application name. - Don't refuse to start apps when there is no D-Bus system bus available. - Don't try to repeat migration of apps whose data was migrated to a new name and then deleted. - Improve handling of mixed locales on systems with systemd-localed. - Improve display of ellipsized columns in wide terminals. - Make flatpak info -e look for extensions in all installations. - Fix warnings from newer GLib versions.
Dominique Leuenberger (dimstar)
accepted
request 1169130
from
Robert Frohl (rfrohl)
(revision 193)
Update to 1.15.8: as the CVE looks quite problematic I thought I would try and help to speed up the update. Please have a close look if this seems okay. Somewhat unsure about the meson options used.
buildservice-autocommit
accepted
request 1159297
from
Dominique Leuenberger (dimstar)
(revision 192)
baserev update by copy to link target
Dominique Leuenberger (dimstar)
accepted
request 1159270
from
Antonio Larrosa (alarrosa)
(revision 191)
- Make flatpak-remote-flathub only supplement flatpak in TW (bsc#1221662).
buildservice-autocommit
accepted
request 1156276
from
Dominique Leuenberger (dimstar)
(revision 190)
baserev update by copy to link target
Dominique Leuenberger (dimstar)
accepted
request 1156260
from
Antonio Larrosa (alarrosa)
(revision 189)
- Add a flatpak-selinux subpackage that provides a SELinux policy module (boo#1220591).
buildservice-autocommit
accepted
request 1127339
from
Dominique Leuenberger (dimstar)
(revision 188)
baserev update by copy to link target
Dominique Leuenberger (dimstar)
accepted
request 1126468
from
Bjørn Lie (iznogood)
(revision 187)
- Update to version 1.15.6: + In distributions that compile Flatpak to use a separate bubblewrap (bwrap) executable, version 0.8.0 is now required. + Enabling the optional Wayland security context feature requires libwayland-client, wayland-scanner >= 1.15 and wayland-protocols >= 1.32. + Add --device=input, for access to evdev devices in /dev/input + Update bundled copy of bubblewrap to version 0.8.0, and rely on its features: + Improve error message if seccomp is disabled in kernel config + Security hardening: set user namespace limit to 0, to prevent creation of nested user namespaces in a more robust way + For subsandboxes started by flatpak-portal, inherit environment variables from the flatpak run that started the original instance rather than from flatpak-portal, fixing behaviour of FLATPAK_GL_DRIVERS and similar features + Stop http transfers if a download in progress becomes very slow + Make it easier to configure extra languages, by picking them up from AccountsService if configured there + Add new flatpak_transaction_add_rebase_and_uninstall() API, allowing end-of-life apps to be replaced by their intended replacement more reliably + Create a private Wayland socket with the "security context" extension if available, allowing the compositor to identify connections from sandboxed apps as belonging to the sandbox + Update libglnx to 2023-08-29 + Use features of newer GLib versions if available + Turn off system-level crash reporting infrastructure during some unit tests that involve intentional assertion failures + Add anchors to link to sections of flatpak-metadata documentation + Bug fixes: - Avoid warnings processing symbolic links with GLib >= 2.77.0, and with GLib 2.76.0 (GLib 2.76.1 or later silences these warnings) - Bypass page cache for backend requests in revokefs, fixing installation errors with libostree 2023.4 - Show AppStream metadata in flatpak remote-info as intended - Don't let Flatpak apps inherit VK_DRIVER_FILES or VK_ICD_FILENAMES from the host system, which would be wrong for the sandbox - Fix build failure with prereleases of libappstream 0.17.x - Forward-compatibility with libappstream 1.0 - Fix installation with Meson if configured with -Dauto_sideloading=true - Fix a memory leak - Fix compiler warnings - Make the tests fail more comprehensibly if a required tool is missing - Clean up /var/tmp/flatpak-cache-* directories on boot - Don't force GIO_USE_VFS=local for programs launched via flatpak-spawn - Clarify documentation for D-Bus name ownership + Internal changes: - Split up large source files into smaller modules, reducing internal circular dependencies - Re-synchronize code backported from GLib with the version in GLib - Clarify documentation for D-Bus name ownership - Make the flags used to apply "extra data" clearer - Use glnx_opendirat() where possible + Updated translations. - Add pkgconfig(wayland-client), pkgconfig(wayland-scanner) and pkgconfig(wayland-protocols) BuildRequires and pass with-wayland-security-context=yes to configure: Enable the optional Wayland security context.
buildservice-autocommit
accepted
request 1110410
from
Luciano Santos (luc14n0)
(revision 186)
baserev update by copy to link target
Luciano Santos (luc14n0)
accepted
request 1109804
from
Bjørn Lie (iznogood)
(revision 185)
Pushing GNOME 45.rc packages
buildservice-autocommit
accepted
request 1072674
from
Bjørn Lie (iznogood)
(revision 184)
baserev update by copy to link target
Bjørn Lie (iznogood)
accepted
request 1072671
from
Andreas Stieger (AndreasStieger)
(revision 183)
bugzilla references
Luciano Santos (luc14n0)
accepted
request 1072446
from
Bjørn Lie (iznogood)
(revision 182)
New stable release
buildservice-autocommit
accepted
request 1068125
from
Bjørn Lie (iznogood)
(revision 181)
baserev update by copy to link target
Bjørn Lie (iznogood)
accepted
request 1068018
from
Bjørn Lie (iznogood)
(revision 180)
New stable release
buildservice-autocommit
accepted
request 1067351
from
Bjørn Lie (iznogood)
(revision 179)
baserev update by copy to link target
Bjørn Lie (iznogood)
accepted
request 1067330
from
Alynx Zhou (AZhou)
(revision 178)
- Add flatpak-fix-gpg-agent-double-free.patch: stdout stream of a subprocess is owned by the subprocess, not the caller, so don't use g_autoptr for it to prevent double free (bsc#1207434).
Displaying revisions 1 - 20 of 197