[ubuntu/yakkety-proposed] flatpak 0.8.2-1~ubuntu16.10.1 (Accepted)
Jeremy Bicha
jbicha at ubuntu.com
Wed Feb 15 00:37:46 UTC 2017
flatpak (0.8.2-1~ubuntu16.10.1) yakkety; urgency=medium
* Backport to Ubuntu 16.10 (LP: #1656712)
* Drop all patches, applied in new version
* Keep dh compat 9 (including explicit dh-autoreconf and dh-systemd) for
easier backporting to Ubuntu 16.04 LTS
* Also allow libgtk-3-bin to satisfy the gtk-update-icon-cache dependency
flatpak (0.8.2-1) unstable; urgency=medium
* New upstream bugfix release
- drop remaining patch, applied upstream
- security fix: prevent writing to per-user-installed fonts
and Flatpak extensions (typically locales)
* d/control: flatpak-tests Recommends python, which is needed for
one test (silencing a lintian warning)
flatpak (0.8.1-1) unstable; urgency=medium
* New upstream release, very similar to 0.8.0-2
- drop all patches
* d/p/flatpak-system-helper-remove-dangling-reference-to-EXTERN.patch:
do not search /export/share, which seems to have been unintended
flatpak (0.8.0-2) unstable; urgency=medium
* d/p/Use-seccomp-to-filter-out-TIOCSTI-ioctl.patch:
Add patch from upstream to prevent contained apps from using
TIOCSTI ioctl. This would let the app inject commands into the
terminal from which it was invoked (CVE-2017-5226). This was
initially fixed in bubblewrap by calling setsid(), but that
breaks the ability to use Ctrl+Z or Ctrl+C on a flatpak-confined
process, so it is being made optional; prevent the attack here
instead, in a way that doesn't break shells.
* d/p/Fix-update-of-standalone-bundle.patch:
Add patch from upstream to fix updating an existing app with
"flatpak install --bundle foo.flatpak"
* d/p/Make-sure-var-tmp-is-not-on-tmpfs.patch:
Add patch from upstream to mount ~/.var/APP/cache/tmp at /var/tmp
inside the sandbox, so apps can rely on /var/tmp being on disk
* d/p/Document-the-DefaultBranch-key.patch,
d/p/Document-RuntimeRepo-key.patch:
Add patches from upstream to fill in some missing documentation
* d/p/testlibrary-ensure-that-contents_array-is-NULL-terminated.patch,
d/p/tests-Install-testpython.py-executable.patch,
d/p/tests-Move-the-test-repo-to-a-subdirectory-repos-test.patch:
Fix some bugs in the tests
* debian/tests/: split out builder-python into a separate autopkgtest,
it too has more dependencies
flatpak (0.8.0-1) unstable; urgency=medium
* New upstream stable release
- Bump bubblewrap dependencies to 0.1.5 following configure.ac
- Bump ostree dependency to 2016.15 following upstream release notes
(the minimal dependency is 2016.14, but 2016.15 is recommended)
- debian/libflatpak0.symbols: add new ABIs
- d/p/pull-Exit-early-on-error-without-aborting-transaction.patch:
drop patch, applied upstream
* debian/gbp.conf: switch upstream branch to debian/0.8.x to follow
the first upstream stable-branch
* debian/watch: only follow stable-branches
* debian/org.freedesktop.Flatpak.pkla: configure polkit 0.105 to
allow sudoers to uninstall apps and runtimes without re-authenticating,
following upstream changes to the org.freedesktop.Flatpak.rules used in
newer polkit versions
* d/p/Update-Polish-translation.patch: update translated strings from
upstream git
* d/p/flatpak-builder-1-fix-typo.patch: fix a typo in the man page
flatpak (0.6.14-3) unstable; urgency=medium
* d/tests/*: only run tests on a real or virtual machine, not in a
container. bubblewrap is effectively already a container, and
nesting containers doesn't work particularly well.
Unfortunately this means the tests won't work on ci.debian.net,
which uses LXC.
flatpak (0.6.14-2) unstable; urgency=medium
* d/p/pull-Exit-early-on-error-without-aborting-transaction.patch:
Add patch recommended by upstream to fix a GNOME Software crash
flatpak (0.6.14-1) unstable; urgency=medium
* New upstream release
- update ostree build-dependency to 2016.14
flatpak (0.6.13-1) unstable; urgency=medium
* New upstream release
- update symbols file
- update ostree build-dependency to 2016.12
flatpak (0.6.12-1) unstable; urgency=medium
* This release drops source compatibility with Debian jessie. If
you are building unofficial backports for older Debian derivatives,
please base them on the debian/jessie-backports git branch instead of
debian/master from now on.
* d/control: rely on gtk-update-icon-theme, removing libgtk-3-bin
alternative.
- d/p/debian/Try-gtk-3.0-version-of-the-icon-cache-utility-first.patch:
drop patch, this branch can now rely on having the plain
gtk-update-icon-theme executable
* Bump debhelper compatibility level to 10
- do not explicitly build in parallel, it is now the default
- do not explicitly enable autoreconf and systemd sequences, they
are now the default
* New upstream release
- d/libflatpak0.symbols: update
Date: Fri, 10 Feb 2017 07:07:12 -0500
Changed-By: Jeremy Bicha <jbicha at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/flatpak/0.8.2-1~ubuntu16.10.1
-------------- next part --------------
Format: 1.8
Date: Fri, 10 Feb 2017 07:07:12 -0500
Source: flatpak
Binary: flatpak flatpak-builder flatpak-tests gir1.2-flatpak-1.0 libflatpak-dev libflatpak-doc libflatpak0
Architecture: source
Version: 0.8.2-1~ubuntu16.10.1
Distribution: yakkety
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Jeremy Bicha <jbicha at ubuntu.com>
Description:
flatpak - Application deployment framework for desktop apps
flatpak-builder - Flatpak application building helper
flatpak-tests - Application deployment framework for desktop apps (tests)
gir1.2-flatpak-1.0 - Application deployment framework for desktop apps (introspection)
libflatpak-dev - Application deployment framework for desktop apps (development)
libflatpak-doc - Application deployment framework for desktop apps (documentation)
libflatpak0 - Application deployment framework for desktop apps (library)
Launchpad-Bugs-Fixed: 1656712
Changes:
flatpak (0.8.2-1~ubuntu16.10.1) yakkety; urgency=medium
.
* Backport to Ubuntu 16.10 (LP: #1656712)
* Drop all patches, applied in new version
* Keep dh compat 9 (including explicit dh-autoreconf and dh-systemd) for
easier backporting to Ubuntu 16.04 LTS
* Also allow libgtk-3-bin to satisfy the gtk-update-icon-cache dependency
.
flatpak (0.8.2-1) unstable; urgency=medium
.
* New upstream bugfix release
- drop remaining patch, applied upstream
- security fix: prevent writing to per-user-installed fonts
and Flatpak extensions (typically locales)
* d/control: flatpak-tests Recommends python, which is needed for
one test (silencing a lintian warning)
.
flatpak (0.8.1-1) unstable; urgency=medium
.
* New upstream release, very similar to 0.8.0-2
- drop all patches
* d/p/flatpak-system-helper-remove-dangling-reference-to-EXTERN.patch:
do not search /export/share, which seems to have been unintended
.
flatpak (0.8.0-2) unstable; urgency=medium
.
* d/p/Use-seccomp-to-filter-out-TIOCSTI-ioctl.patch:
Add patch from upstream to prevent contained apps from using
TIOCSTI ioctl. This would let the app inject commands into the
terminal from which it was invoked (CVE-2017-5226). This was
initially fixed in bubblewrap by calling setsid(), but that
breaks the ability to use Ctrl+Z or Ctrl+C on a flatpak-confined
process, so it is being made optional; prevent the attack here
instead, in a way that doesn't break shells.
* d/p/Fix-update-of-standalone-bundle.patch:
Add patch from upstream to fix updating an existing app with
"flatpak install --bundle foo.flatpak"
* d/p/Make-sure-var-tmp-is-not-on-tmpfs.patch:
Add patch from upstream to mount ~/.var/APP/cache/tmp at /var/tmp
inside the sandbox, so apps can rely on /var/tmp being on disk
* d/p/Document-the-DefaultBranch-key.patch,
d/p/Document-RuntimeRepo-key.patch:
Add patches from upstream to fill in some missing documentation
* d/p/testlibrary-ensure-that-contents_array-is-NULL-terminated.patch,
d/p/tests-Install-testpython.py-executable.patch,
d/p/tests-Move-the-test-repo-to-a-subdirectory-repos-test.patch:
Fix some bugs in the tests
* debian/tests/: split out builder-python into a separate autopkgtest,
it too has more dependencies
.
flatpak (0.8.0-1) unstable; urgency=medium
.
* New upstream stable release
- Bump bubblewrap dependencies to 0.1.5 following configure.ac
- Bump ostree dependency to 2016.15 following upstream release notes
(the minimal dependency is 2016.14, but 2016.15 is recommended)
- debian/libflatpak0.symbols: add new ABIs
- d/p/pull-Exit-early-on-error-without-aborting-transaction.patch:
drop patch, applied upstream
* debian/gbp.conf: switch upstream branch to debian/0.8.x to follow
the first upstream stable-branch
* debian/watch: only follow stable-branches
* debian/org.freedesktop.Flatpak.pkla: configure polkit 0.105 to
allow sudoers to uninstall apps and runtimes without re-authenticating,
following upstream changes to the org.freedesktop.Flatpak.rules used in
newer polkit versions
* d/p/Update-Polish-translation.patch: update translated strings from
upstream git
* d/p/flatpak-builder-1-fix-typo.patch: fix a typo in the man page
.
flatpak (0.6.14-3) unstable; urgency=medium
.
* d/tests/*: only run tests on a real or virtual machine, not in a
container. bubblewrap is effectively already a container, and
nesting containers doesn't work particularly well.
Unfortunately this means the tests won't work on ci.debian.net,
which uses LXC.
.
flatpak (0.6.14-2) unstable; urgency=medium
.
* d/p/pull-Exit-early-on-error-without-aborting-transaction.patch:
Add patch recommended by upstream to fix a GNOME Software crash
.
flatpak (0.6.14-1) unstable; urgency=medium
.
* New upstream release
- update ostree build-dependency to 2016.14
.
flatpak (0.6.13-1) unstable; urgency=medium
.
* New upstream release
- update symbols file
- update ostree build-dependency to 2016.12
.
flatpak (0.6.12-1) unstable; urgency=medium
.
* This release drops source compatibility with Debian jessie. If
you are building unofficial backports for older Debian derivatives,
please base them on the debian/jessie-backports git branch instead of
debian/master from now on.
.
* d/control: rely on gtk-update-icon-theme, removing libgtk-3-bin
alternative.
- d/p/debian/Try-gtk-3.0-version-of-the-icon-cache-utility-first.patch:
drop patch, this branch can now rely on having the plain
gtk-update-icon-theme executable
* Bump debhelper compatibility level to 10
- do not explicitly build in parallel, it is now the default
- do not explicitly enable autoreconf and systemd sequences, they
are now the default
* New upstream release
- d/libflatpak0.symbols: update
Checksums-Sha1:
8ed6e1d5595581a7ec6d54869f3221a2540e4031 3133 flatpak_0.8.2-1~ubuntu16.10.1.dsc
19ef03212870d834a7ad526a05c119f6b445b2b9 739920 flatpak_0.8.2.orig.tar.xz
8ea403fdd756b929b09043210f52a4fe221ea0f3 14768 flatpak_0.8.2-1~ubuntu16.10.1.debian.tar.xz
Checksums-Sha256:
26ce4d681f3222673458f54af3fa4c0dd312b664ca8639a55578e8b5382035a0 3133 flatpak_0.8.2-1~ubuntu16.10.1.dsc
2d9372f3d37374c14cbd55eac21ac3093c72bb7548b5fd0fac99a2bff85d8490 739920 flatpak_0.8.2.orig.tar.xz
a8e45aa8d4eb1cf14c467d44c6a7746594f1233bb5c3d66466cabd639af7efd1 14768 flatpak_0.8.2-1~ubuntu16.10.1.debian.tar.xz
Files:
7be71737918918d18ed92caaf92a9bcb 3133 admin optional flatpak_0.8.2-1~ubuntu16.10.1.dsc
4cb26f9e418a36b43281e1a7ea8dd1b2 739920 admin optional flatpak_0.8.2.orig.tar.xz
56ae7e64f6467bbf3e56af8419f9ae71 14768 admin optional flatpak_0.8.2-1~ubuntu16.10.1.debian.tar.xz
Original-Maintainer: Utopia Maintenance Team <pkg-utopia-maintainers at lists.alioth.debian.org>
More information about the Yakkety-changes
mailing list