-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 17 Apr 2024 19:43:12 +0100
Source: flatpak
Binary: flatpak flatpak-dbgsym flatpak-tests flatpak-tests-dbgsym gir1.2-flatpak-1.0 libflatpak-dev libflatpak0 libflatpak0-dbgsym
Architecture: i386
Version: 1.10.8-0+deb11u2
Distribution: bullseye-security
Urgency: high
Maintainer: i386 Build Daemon (x86-grnet-01)
Changed-By: Simon McVittie
Description:
 flatpak - Application deployment framework for desktop apps
 flatpak-tests - Application deployment framework for desktop apps (tests)
 gir1.2-flatpak-1.0 - Application deployment framework for desktop apps (introspection)
 libflatpak-dev - Application deployment framework for desktop apps (development)
 libflatpak0 - Application deployment framework for desktop apps (library)
Changes:
 flatpak (1.10.8-0+deb11u2) bullseye-security; urgency=high
 .
   * d/p/When-starting-non-static-command-using-bwrap-use.patch,
     d/p/test-run-Add-a-reproducer-for-CVE-2024-32462.patch:
     Don't allow an executable name to be misinterpreted as a
     command-line option for bwrap(1). This prevents a sandbox escape
     where a malicious or compromised app could ask xdg-desktop-portal to
     generate a .desktop file with access to files outside the sandbox.
     (CVE-2024-32462)
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----