-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 30 Apr 2024 16:50:10 +0100
Source: flatpak
Architecture: source
Version: 1.14.8-1~deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: Utopia Maintenance Team <pkg-utopia-maintainers@lists.alioth.debian.org>
Changed-By: Simon McVittie <smcv@debian.org>
Changes:
 flatpak (1.14.8-1~deb12u1) bookworm; urgency=medium
 .
   * Backport upstream stable release for Debian 12
   * Changes relative to 1.14.4-1+deb12u1 in bookworm-security:
     - New upstream stable release 1.14.6
       + Don't parse `<developer><name/></developer>` as though it was
         the application name
       + Install a tmpfiles.d snippet to clean up /var/tmp/flatpak-cache-*
         during boot
       + Stop http transfers if a download in progress becomes very slow
       + Silence warnings when using GLib 2.77.0 or later
       + Bypass page cache for backend requests in revokefs, fixing
         installation errors with libostree 2023.4 or later
       + Show AppStream metadata in `flatpak remote-info` as intended,
         fixing a regression in 1.9.1
       + Don't let Flatpak apps inherit $VK_DRIVER_FILES or $VK_ICD_FILENAMES
         from the host system, which would be wrong in the sandbox
       + Fix forward-compatibility with libappstream 0.17.x and 1.0
       + Fix a memory leak
       + Fix some compiler warnings
       + Make the test failure produce a clearer message if a required tool
         is missing
       + Don't force `GIO_USE_VFS=local` for programs launched via
         flatpak-spawn
       + Documentation improvements
     - New upstream stable release 1.14.7
       + Automatically reload D-Bus session bus configuration when apps are
         installed or upgraded, ensuring that any new .service files get
         picked up
       + Allow apps to be run if the D-Bus system bus is missing or
         non-functional
       + Add several more environment variables to the list not inherited
         into the sandbox:
         * $LD_AUDIT, $LD_PRELOAD for ld.so
         * $__EGL_VENDOR_LIBRARY_DIRS, etc. for EGL
         * $VK_ADD_DRIVER_FILES, etc. for Vulkan
         * $container, when running Flatpak inside a container manager
       + Use xdg-desktop-portal-gnome, if installed, to detect whether apps
         are running in the background
       + If an app's data is migrated to a new name and then deleted, don't
         try to migrate it again, avoiding a recursive symlink loop
       + Don't leak temporary variable $new_dirs from /etc/profile.d/flatpak.sh
         into user shell sessions
       + Avoid an out-of-bounds left-shift (which is technically undefined
         behaviour) when hashing object names
       + Fix critical warnings "GFileInfo created without
         standard::is-symlink" when using /var/lib/flatpak/extension with
         testing/unstable glib2.0
       + Fix validation of documentation against Docbook DTD
       + Fix a misleading comment in the test for CVE-2024-32462
       + Fix a double-free in the test suite
       + Skip more tests if bubblewrap works but FUSE doesn't
     - New upstream stable release 1.14.8
       + Respin of 1.14.7 reverting unintended submodule changes
     - d/control: Move dbus-system-bus from Depends to Recommends.
       `flatpak run` no longer has a working system bus as a hard requirement
       (verified in `podman run --privileged --rm -it debian:sid-slim`)
     - Drop CVE-2024-32462 patches, included in the upstream stable release
     - debian/test.sh: Disable http proxy if used, to ensure we can reach
       a HTTP server on localhost during automated tests
   * Changes relative to 1.14.8-1 in unstable:
     - Revert polkitd dependencies to polkitd | policykit-1 as previously
       used in bookworm
     - Revert pkgconf dependencies to pkg-config as previously used in
       bookworm
     - Revert location of systemd unit to /lib/systemd/system as previously
       used in bookworm, dropping versioned dependency on debhelper 13.11.6~
     - Revert changes related to Debian 13 GIR XML packaging policy
Checksums-Sha1:
 5eef5d84f0821c07f5b562a6370c6382ff6ff828 3687 flatpak_1.14.8-1~deb12u1.dsc
 b5ab5c48bca428584983e9282b7dca0eea540ce6 36384 flatpak_1.14.8-1~deb12u1.debian.tar.xz
 b8c80219d27a5f6dc89ddbeaa9e3e69c7011d6c3 12111 flatpak_1.14.8-1~deb12u1_source.buildinfo
Checksums-Sha256:
 20113901f4c3866b13b27126feda4836c0f50176adc2381b4a2138236c5acf53 3687 flatpak_1.14.8-1~deb12u1.dsc
 4f56af003b3b5131025605baaf167945c66a237977d3047d344589e6251e68c5 36384 flatpak_1.14.8-1~deb12u1.debian.tar.xz
 df0402c645afb1d0027132722d42a4b005e39ed060617c82ec648dc24eb2e416 12111 flatpak_1.14.8-1~deb12u1_source.buildinfo
Files:
 b1b839bcc62e1fcbf63a24784340da8b 3687 admin optional flatpak_1.14.8-1~deb12u1.dsc
 cdd22a268ca0da9f70bfc5a141e864ef 36384 admin optional flatpak_1.14.8-1~deb12u1.debian.tar.xz
 026d9e1289a79d2f0822a680539a586b 12111 admin optional flatpak_1.14.8-1~deb12u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEENuxaZEik9e95vv6Y4FrhR4+BTE8FAmZfQj4ACgkQ4FrhR4+B
TE8aMg//XkXvIauFhgFZN+ATJRcwwKrmcXB/RLNw/bPB6Wz+FCfvtSWycwryAbSM
430Tx3nHlSndqPumDD5FnnFDncvTtO9JnoGAbsISoggIQgi11BjH3EQkYfs4xyMz
Ore0AcUIbt7L13QMReuJ0FsYS6/s1mxnxNq9U3btkNHY3LrgdYFMuZa6heVXs8Ij
5zF0xHQAN5ma9IaYVhvfDnXg4pUbXmVwpEjpCsO4r1p4xw7GdZ1Er4wn55mSY9Nx
lyonb4ZnX8YhzWtX/l/99392mI6OnDWZ4XVo3EVHr+PlrkDvebXRIHebTKQVrHwN
NiLnAUfgEEOm9RmYZT7ZJjACBeaRqoKP3iSD3X4zXiRF9vrMEysApTFSGGKXzZ/u
Cvm3GCNgYIUHpqy8MpFmcYhmvbFJZgsZkW4/G7LW3IbQY1qvuwqNct2IOZPIUweB
GQwmfTlPEiRTqFho9e5kwE8h0KKI2LMTzfgkOU+UvYe4FxFfmlaTBKMJkQ3Wn5hu
YtOlsZcur1xC1rPcX0Fmm4BbfvKGVm8IwPDplEqQ5HpcGdDVVM5+39PzJvNadOh8
t+RsjttYXrqy5/aWsqqr9QgKh2tVIGB9BzNoA2A0jPOMVtJVvxhMY+QzUIGNOwha
EIjupbMCwwfsTt5N91KE85byPkc9b+flH1xoPfw4I6er73YCN3Y=
=sUiG
-----END PGP SIGNATURE-----