-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 17 Apr 2024 19:43:12 +0100
Source: flatpak
Binary: flatpak flatpak-dbgsym flatpak-tests flatpak-tests-dbgsym gir1.2-flatpak-1.0 libflatpak-dev libflatpak0 libflatpak0-dbgsym
Architecture: arm64
Version: 1.10.8-0+deb11u2
Distribution: bullseye-security
Urgency: high
Maintainer: arm Build Daemon (arm-ubc-02) <buildd_arm64-arm-ubc-02@buildd.debian.org>
Changed-By: Simon McVittie <smcv@debian.org>
Description:
 flatpak    - Application deployment framework for desktop apps
 flatpak-tests - Application deployment framework for desktop apps (tests)
 gir1.2-flatpak-1.0 - Application deployment framework for desktop apps (introspection)
 libflatpak-dev - Application deployment framework for desktop apps (development)
 libflatpak0 - Application deployment framework for desktop apps (library)
Changes:
 flatpak (1.10.8-0+deb11u2) bullseye-security; urgency=high
 .
   * d/p/When-starting-non-static-command-using-bwrap-use.patch,
     d/p/test-run-Add-a-reproducer-for-CVE-2024-32462.patch:
     Don't allow an executable name to be misinterpreted as a command-line
     option for bwrap(1). This prevents a sandbox escape where a malicious
     or compromised app could ask xdg-desktop-portal to generate a .desktop
     file with access to files outside the sandbox. (CVE-2024-32462)
Checksums-Sha1:
 b85ddea9a5c6b1595f4cc2a31ad3ad6a2aba20f3 6040064 flatpak-dbgsym_1.10.8-0+deb11u2_arm64.deb
 50fa0899ab9fee0828a897a04b788d26008ce704 6797188 flatpak-tests-dbgsym_1.10.8-0+deb11u2_arm64.deb
 ba467f881d05064a3f4e43980d7dbabecdffe5dd 837972 flatpak-tests_1.10.8-0+deb11u2_arm64.deb
 3b5d5ba925139dccdff207e9e5b0340f2664f603 14687 flatpak_1.10.8-0+deb11u2_arm64-buildd.buildinfo
 8659af9a3c36bd7097705e0c2429ba5d8bbd6589 1228428 flatpak_1.10.8-0+deb11u2_arm64.deb
 5fe847b51ebea499aaed9db85d5d8ee5a8bc9344 37704 gir1.2-flatpak-1.0_1.10.8-0+deb11u2_arm64.deb
 1807bfb9fd3caa58593add217e624c4e92be854b 79548 libflatpak-dev_1.10.8-0+deb11u2_arm64.deb
 c0faefabb8efe1f34e368d5c838801074943d42c 1439236 libflatpak0-dbgsym_1.10.8-0+deb11u2_arm64.deb
 3c4cfe55723cb78214fbd902ed8f0e189898d253 316468 libflatpak0_1.10.8-0+deb11u2_arm64.deb
Checksums-Sha256:
 c036b6b1ffeca4bb7cc2e0bf69732c6f0ef8f88015f16de9a4bbd0824a3ea680 6040064 flatpak-dbgsym_1.10.8-0+deb11u2_arm64.deb
 8a7e72efc8334502951df6393d8f0ff9acb02fa5ee8aaafe6e56a9820ee824ab 6797188 flatpak-tests-dbgsym_1.10.8-0+deb11u2_arm64.deb
 b7f192ed7e2c11cd87c5402d5b2b1b95e8ba6e1ae34c3dd8327ad233d2df73b9 837972 flatpak-tests_1.10.8-0+deb11u2_arm64.deb
 a13d80379def0f3e0621063a50280d6cf68f29117c8ab45dd27707aa528abaf4 14687 flatpak_1.10.8-0+deb11u2_arm64-buildd.buildinfo
 87fbd21c763008e451345a7f2a8d831033de46c86593b2949489f821ff5e0192 1228428 flatpak_1.10.8-0+deb11u2_arm64.deb
 f50a2c03f5613bd858b3d028081049ca21d5d56223fbb2d698c2e69632c6df58 37704 gir1.2-flatpak-1.0_1.10.8-0+deb11u2_arm64.deb
 475df0f8b9988a732152214106b0327f746f2d8a4dc9f5b2372e5c61d693f1d3 79548 libflatpak-dev_1.10.8-0+deb11u2_arm64.deb
 f2c54f45c3b70a7ee7f65da468d0a8877ac2a410d12ceaa1eac991417371e16b 1439236 libflatpak0-dbgsym_1.10.8-0+deb11u2_arm64.deb
 6b808330239805d0551bc90095696c9c25ddaee4651617d700127d4abafd1932 316468 libflatpak0_1.10.8-0+deb11u2_arm64.deb
Files:
 550719ce0ea419082e69317155f837a9 6040064 debug optional flatpak-dbgsym_1.10.8-0+deb11u2_arm64.deb
 b30360dd59ad1f515db0e0513dc8411e 6797188 debug optional flatpak-tests-dbgsym_1.10.8-0+deb11u2_arm64.deb
 5f316738e7e842902e751f9c1f6b959e 837972 misc optional flatpak-tests_1.10.8-0+deb11u2_arm64.deb
 18a745600be098bbacd6310f912d2305 14687 admin optional flatpak_1.10.8-0+deb11u2_arm64-buildd.buildinfo
 21547cea33cfb026589e6e7c093d0e50 1228428 admin optional flatpak_1.10.8-0+deb11u2_arm64.deb
 095ab3cb48451d6dee1f3969e6330323 37704 introspection optional gir1.2-flatpak-1.0_1.10.8-0+deb11u2_arm64.deb
 75ff028924a5b8cb182b5aadf52f1150 79548 libdevel optional libflatpak-dev_1.10.8-0+deb11u2_arm64.deb
 adff3d4e5e4cceab7ff584fe14ced120 1439236 debug optional libflatpak0-dbgsym_1.10.8-0+deb11u2_arm64.deb
 b13317a09269ff2cae893eee5682a070 316468 libs optional libflatpak0_1.10.8-0+deb11u2_arm64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEuIolmszDbgxUhBbrMZO3llZhjs8FAmYhczYACgkQMZO3llZh
js+u5w//R2d0UovwApmrmcCR04pqRGxFkU9FGtOlHeZF0w3nlRQyRkKVMNpuestB
6y/eK63Vb6ge7OiHFvJSAMS8nZuZvQuVbHl5W9DylnbuDHei83r6ggLzqQW8jpsg
Q56JKfALUiMLC7p76zvLpPKconP/YNSa82k18ut93tYgLZQuS+QpJveW6pkPpQR3
sERMqVACaIGWmWbqkhdI584HDCKPtBRw2Lel0K6ptR38mJ3D8JiddH5zPGYF826k
0Zeor1+egYDCqLheKuZGX/DBuNpSc+BLmeIoX9/dnLv7YtaZKdv/lhvfKTBl1NeS
JMbPwRgPBobX6KNjx4H4R+oDI5JnkOtx0QIzHWzLP5xXS3IvGZHDZZPy1TQPHpCB
xnPvVSUskqQ9wuPEDycOUc1+RMFQFgm7wt13k70dryAP8yX7XyrWD9tAr78W1pJx
cjGGpo9i4uQl0O3c1pwAn9NHJ49792Hys9GYp0kHPmRN9rc9WoMy7HRt2J4sVLCN
m2lde5DJi/xRO+aTZ+Gg+KHgWY0NA80NPcK3q59wQrc+8vSXQURqaa/GAYmIdAIP
D+Cc9NU2UdZiR1raQ517/yEk5K4aUVYrTxJFDG1WJ+8B6DQz7V1kUp7W6F0N1x2Q
6D4C3S19va1JXuhoEKwHyEku8SwP2Sv8P2tcSPasRQ5T3ZJNGdk=
=fwVI
-----END PGP SIGNATURE-----