Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package flatpak for openSUSE:Factory checked in at 2024-04-25 20:47:35 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/flatpak (Old) and /work/SRC/openSUSE:Factory/.flatpak.new.1880 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "flatpak" Thu Apr 25 20:47:35 2024 rev:84 rq:1170044 version:1.15.8 Changes: -------- --- /work/SRC/openSUSE:Factory/flatpak/flatpak.changes 2024-03-20 21:10:12.324822108 +0100 +++ /work/SRC/openSUSE:Factory/.flatpak.new.1880/flatpak.changes 2024-04-25 20:47:42.762842373 +0200 @@ -1,0 +2,76 @@ +Tue Apr 23 13:23:52 UTC 2024 - Robert Frohl <[email protected]> + +- disable parental controls for now by using '-Dmalcontent=disabled', to work around + issues with xdg-desktop-portal + +------------------------------------------------------------------- +Fri Apr 19 08:05:28 UTC 2024 - Robert Frohl <[email protected]> + +- Update to version 1.15.8: + + Security fixes: + - Don't allow an executable name to be misinterpreted as a + command-line option for bwrap(1). This prevents a sandbox + escape where a malicious or compromised app could ask + xdg-desktop-portal to generate a .desktop file with access to + files outside the sandbox. (CVE-2024-32462, boo#1223110). + + Other bug fixes: + - Pass the -export-dynamic linker option as + -Wl,-export-dynamic, fixing build failures with clang 18 and + lld 18. + - Fix a double-free when installation is cancelled. + - Fix installed-tests failure with "FUSERMOUNT: unbound + variable". +- Changes from version 1.15.7: + + New features: + - Automatically remove obsolete driver versions and other + autopruned refs. + - --socket=inherit-wayland-socket. + - Automatically reload D-Bus session bus configuration after + installing or upgrading apps, to pick up any exported D-Bus + services. + + Bug fixes: + - Don't parse <developer><name/></developer> as the application + name. + - Don't refuse to start apps when there is no D-Bus system bus + available. + - Don't try to repeat migration of apps whose data was migrated + to a new name and then deleted. + - Improve handling of mixed locales on systems with + systemd-localed. + - Improve display of ellipsized columns in wide terminals. + - Make flatpak info -e look for extensions in all + installations. + - Fix warnings from newer GLib versions. + - Always set the container environment variable. + - Always let the app inherit redirected file descriptors. + - In flatpak ps, add xdg-desktop-portal-gnome to the list of + backends we'll use to learn which apps are running in the + background. + - Don't use WAYLAND_SOCKET unless given + --socket=inherit-wayland-socket. + - Use fusermount3 if compiled with FUSE 3, overridable with + -Dsystem_fusermount compile-time option. + - Avoid leaking a temporary variable from + /etc/profile.d/flatpak.sh into the shell environment. + - Improve async-signal safety. + - Fix various memory leaks. + - Avoid undefined behaviour of signed left-shift when storing + object IDs in a hash table. + - Detect the correct gtk-doc when cross-compiling. + - Detect the correct wayland-scanner when cross-compiling. + - Documentation improvements. + - Skip more tests when FUSE isn't available. + - Updated translations. +- Add libglnx.patch: fix meson function detection. +- Switch build system to meson: + + Add meson BuildRequires. + + Switch configure/make_build/make_install macros to + meson/meson_build/meson_install, preserving the configure + parameters as close as possible: + --disable-silent-rules => obsoleted + --with-system-bubblewrap => -Dsystem_bubblewrap=bwrap + --with-curl => -Dhttp_backend=curl +- Add pkgconfig(malcontent-0) BuildRequires: enable malcontent + support. + +------------------------------------------------------------------- Old: ---- flatpak-1.15.6.tar.xz New: ---- flatpak-1.15.8.tar.xz libglnx.patch BETA DEBUG BEGIN: New: - Updated translations. - Add libglnx.patch: fix meson function detection. - Switch build system to meson: BETA DEBUG END: ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ flatpak.spec ++++++ --- /var/tmp/diff_new_pack.2J6W8d/_old 2024-04-25 20:47:43.382865140 +0200 +++ /var/tmp/diff_new_pack.2J6W8d/_new 2024-04-25 20:47:43.382865140 +0200 @@ -35,7 +35,7 @@ %define support_environment_generators 1 %endif Name: flatpak -Version: 1.15.6 +Version: 1.15.8 Release: 0 Summary: OSTree based application bundles management License: LGPL-2.1-or-later @@ -49,6 +49,8 @@ Source5: https://flathub.org/repo/flathub.flatpakrepo # PATCH-FEATURE-OPENSUSE polkit_rules_usability.patch -- Make the rules comply with openSUSE expectations Patch0: polkit_rules_usability.patch +# PATCH-FIX-UPSTREAM libglnx.patch https://gitlab.gnome.org/GNOME/libglnx/-/merge_requests/57 +Patch1: libglnx.patch BuildRequires: bison BuildRequires: bubblewrap >= %{bubblewrap_version} @@ -59,6 +61,7 @@ BuildRequires: libgpg-error-devel BuildRequires: libgpgme-devel >= 1.1.8 BuildRequires: libtool +BuildRequires: meson BuildRequires: pkgconfig BuildRequires: python3-pyparsing BuildRequires: selinux-policy-devel @@ -163,8 +166,8 @@ Summary: Add Flathub repository to system flatpak Group: System/Packages Requires: flatpak -Requires(postun): flatpak -Requires(postun): sed +Requires(postun):flatpak +Requires(postun):sed %if 0%{?suse_version} > 1600 Supplements: flatpak %endif @@ -204,27 +207,25 @@ sed -i -e '1s,#!%{_bindir}/env python3,#!%{_bindir}/python3,' scripts/flatpak-* %build -./autogen.sh -%configure \ - --disable-silent-rules \ - --with-system-bubblewrap \ - --with-curl \ - --with-priv-mode=none \ - --with-dbus-config-dir=%{_dbusconfigdir} \ - --with-system-dbus-proxy=%{_bindir}/xdg-dbus-proxy \ +%meson \ + -Dsystem_bubblewrap=%{_bindir}/bwrap \ + -Dhttp_backend=curl \ + -Ddbus_config_dir=%{_dbusconfigdir} \ + -Dsystem_dbus_proxy=%{_bindir}/xdg-dbus-proxy \ %if !%{support_environment_generators} - --enable-gdm-env-file \ + -Dgdm_env_file=enabled \ %endif - --enable-documentation \ - --enable-gtk-doc \ - --with-wayland-security-context=yes \ - --with-selinux_module=yes \ + -Dgtkdoc=enabled \ + -Dwayland_security_context=enabled \ + -Dselinux_module=enabled \ + -Dtests=false \ + -Dmalcontent=disabled \ %{nil} -%make_build +%meson_build %sysusers_generate_pre system-helper/flatpak.conf system-user-flatpak flatpak.conf %install -%make_install +%meson_install find %{buildroot} -type f -name "*.la" -delete -print mkdir -p %{buildroot}%{_sbindir} ln -s service %{buildroot}%{_sbindir}/rcflatpak-system-helper @@ -331,7 +332,9 @@ %{_mandir}/man1/%{name}*.1%{?ext_man} %{_mandir}/man5/flatpak-metadata.5%{?ext_man} %{_mandir}/man5/flatpak-flatpakref.5%{?ext_man} +%{_mandir}/man5/flatpakref.5%{?ext_man} %{_mandir}/man5/flatpak-flatpakrepo.5%{?ext_man} +%{_mandir}/man5/flatpakrepo.5%{?ext_man} %{_mandir}/man5/flatpak-installation.5%{?ext_man} %{_mandir}/man5/flatpak-remote.5%{?ext_man} %{_datadir}/%{name}/ ++++++ flatpak-1.15.6.tar.xz -> flatpak-1.15.8.tar.xz ++++++ ++++ 51404 lines of diff (skipped) ++++++ libglnx.patch ++++++ Index: flatpak-1.15.8/subprojects/libglnx/meson.build =================================================================== --- flatpak-1.15.8.orig/subprojects/libglnx/meson.build +++ flatpak-1.15.8/subprojects/libglnx/meson.build @@ -40,7 +40,7 @@ foreach check_function : check_functions #include <linux/random.h> #include <sys/mman.h> - int func (void) { + void func (void) { (void) ''' + check_function + '''; } ''',
