Your message dated Fri, 19 Dec 2025 15:19:16 +0000
with message-id <[email protected]>
and subject line Bug#1114484: fixed in flatpak 1.16.2-1
has caused the Debian Bug report #1114484,
regarding flatpak-session-helper leaks memory
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1114484: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1114484
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: flatpak
Version: 1.16.1-1
Severity: normal
Tags: upstream patch
X-Debbugs-Cc: [email protected]
Dear Maintainer,
Depending on the application, flatpak-session-helper can leak memory
at an alarming rate.
For example, when using the StreamController flatpak the memory leak
can render a system unusable after about a week.
flatpak-session-helper appears to run alongside each flatpak
application, or similar, so it isn't easy to avoid.
This has been fixed upstream via commit:
cd80e843 session-helper: Avoid a memory leak
The issue was tracked upstream via:
https://github.com/flatpak/flatpak/issues/5821
It would be fabulous to have this fix in the Debian flatpak package.
Thanks!
peace & happiness,
martin
-- Package-specific info:
Permissions of /usr/bin/bwrap:
-rwxr-xr-x 1 root root 80272 Dec 30 2024 /usr/bin/bwrap
/etc/sysctl.d/*-bubblewrap.conf:
cat: '/etc/sysctl.d/*-bubblewrap.conf': No such file or directory
/usr/lib/sysctl.d/50-bubblewrap.conf:
# Enable unprivileged creation of new user namespaces in older Debian
# kernels.
#
# If this is not desired, copy this file to
# /etc/sysctl.d/50-bubblewrap.conf and change the value of this parameter
# to 0, then use dpkg-statoverride to make /usr/bin/bwrap setuid root.
#
# For more details see https://deb.li/bubblewrap or
# /usr/share/doc/bubblewrap/README.Debian
kernel.unprivileged_userns_clone=1
/proc/sys/kernel/unprivileged_userns_clone:
1
/proc/sys/user/max_cgroup_namespaces:
255859
/proc/sys/user/max_ipc_namespaces:
255859
/proc/sys/user/max_mnt_namespaces:
255859
/proc/sys/user/max_net_namespaces:
255859
/proc/sys/user/max_pid_namespaces:
255859
/proc/sys/user/max_time_namespaces:
255859
/proc/sys/user/max_user_namespaces:
255859
/proc/sys/user/max_uts_namespaces:
255859
-- System Information:
Debian Release: 13.0
APT prefers stable-updates
APT policy: (990, 'stable-updates'), (990, 'stable-security'), (990, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 6.12.32-rt-amd64 (SMP w/12 CPU threads; PREEMPT)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8),
LANGUAGE=en_AU:en
Shell: /bin/sh linked to /usr/bin/dash
Init: sysvinit (via /sbin/init)
LSM: AppArmor: enabled
Versions of packages flatpak depends on:
ii adduser 3.152
ii bubblewrap 0.11.0-2
ii fuse3 3.17.2-3
ii libappstream5 1.0.5-1
ii libarchive13t64 3.7.4-4
ii libc6 2.41-12
ii libcurl3t64-gnutls 8.14.1-2
ii libdconf1 0.40.0-5
ii libfuse3-4 3.17.2-3
ii libgdk-pixbuf-2.0-0 2.42.12+dfsg-4
ii libglib2.0-0t64 2.84.3-1
ii libgpgme11t64 1.24.2-3
ii libjson-glib-1.0-0 1.10.6+ds-2
ii libmalcontent-0-0 0.13.0-2
ii libostree-1-1 2025.2-1
ii libpolkit-agent-1-0 126-2
ii libpolkit-gobject-1-0 126-2
ii libseccomp2 2.6.0-2
ii libsystemd0 257.7-1
ii libwayland-client0 1.23.1-3
ii libxau6 1:1.0.11-1
ii libxml2 2.12.7+dfsg+really2.9.14-2.1+deb13u1
ii libzstd1 1.5.7+dfsg-1
ii xdg-dbus-proxy 0.1.6-1
Versions of packages flatpak recommends:
ii ca-certificates 20250419
ii dbus [default-dbus-system-bus] 1.16.2-2
ii desktop-file-utils 0.28-1
ii gtk-update-icon-cache 4.18.6+ds-2
ii hicolor-icon-theme 0.18-2
pn libpam-systemd <none>
ii p11-kit 0.25.5-3
ii polkitd 126-2
ii shared-mime-info 2.4-5+b2
ii xdg-desktop-portal 1.20.3+ds-1
ii xdg-desktop-portal-gtk [xdg-desktop-portal-backend] 1.15.3-1
ii xdg-user-dirs 0.18-2
Versions of packages flatpak suggests:
ii avahi-daemon 0.8-16
pn malcontent-gui <none>
Versions of packages bubblewrap depends on:
ii libc6 2.41-12
ii libcap2 1:2.75-10+b1
ii libselinux1 3.8.1-1
Versions of packages bubblewrap recommends:
ii procps 2:4.0.4-9
-- no debconf information
--- End Message ---
--- Begin Message ---
Source: flatpak
Source-Version: 1.16.2-1
Done: Simon McVittie <[email protected]>
We believe that the bug you reported is fixed in the latest version of
flatpak, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Simon McVittie <[email protected]> (supplier of updated flatpak package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Fri, 19 Dec 2025 11:38:19 +0000
Source: flatpak
Architecture: source
Version: 1.16.2-1
Distribution: unstable
Urgency: medium
Maintainer: Utopia Maintenance Team
<[email protected]>
Changed-By: Simon McVittie <[email protected]>
Closes: 1114484
Changes:
flatpak (1.16.2-1) unstable; urgency=medium
.
* New upstream stable release
- Fix a memory leak in flatpak-session-helper when invoking host
commands (flatpak-spawn --host) from privileged apps
(Closes: #1114484)
- Treat either the xe or i915 kernel module as indicating an Intel GPU,
not just i915, and install the appropriate VA-API extensions
- If using GLib 2.86.1 (specifically that version due to a regression
that was later fixed), avoid exposing $HOME to apps if an XDG special
directory such as Music is requested by the app but has been disabled
locally
- In flatpak-kill(1), make killing processes more robust, and avoid race
conditions that could lead to the whole process group being killed
- Allow `flatpak run` or `flatpak install --user` while under
`sudo -u otheruser` or `sudo -g`, as long as the other user is not root,
relaxing a check that was only intended to avoid accidents involving
running as root
- Provide an empty /run/host/font-dirs.xml during flatpak-build(1),
avoiding spurious warnings for processes that use fontconfig during
build-time tests
- Fix a crash in `flatpak install --include-sdk` if the app is installed
on a per-user basis but the corresponding SDK is already installed
system-wide
- Take the --reinstall option into account when installing a bundle
- Add a missing argument to fcntl F_DUPFD_CLOEXEC during Flatpak's own
build-time tests, fixing a test regression with newer glibc on Ubuntu
- Fix flatpak-pin(1)/flatpak-mask(1) with multiple arguments, by
reloading configuration when needed
- Fix an assertion failure in flatpak-build-import-bundle(1)
- When using the library API, allow http downloads with libcurl to be
cancelled
- If an OCI registry only has one image, allow the tag to be omitted
- Fix a memory leak when using an OCI registry
- Fix an uninitialized variable
- Documentation improvements
- Translation updates: pl
* d/libflatpak-doc.install:
Install single-file HTML documentation for the library.
This was built by Autotools in 1.14.x and disappeared during the switch
to Meson, but is now built again as a result of upstream fixes.
Checksums-Sha1:
855051c949d68c5a92f483c17aa45426aea8fe98 3828 flatpak_1.16.2-1.dsc
750f57fa87f7541bc6e4fe9c707eebfe94040527 1226688 flatpak_1.16.2.orig.tar.xz
931748b1304b91aed273a41052a1b3df41219272 41568 flatpak_1.16.2-1.debian.tar.xz
48307e2037cae778fc6d2e4acd6adabf76e64f13 13566
flatpak_1.16.2-1_source.buildinfo
Checksums-Sha256:
8337a5b2fcfe91de18e543a25e45ac1667bc9e44c0c954f32e39ab0e771def96 3828
flatpak_1.16.2-1.dsc
69172d1b0d85c68f81e6ddf0115f8e1b05d73b1b010fea8d9ecb03bc8ad843eb 1226688
flatpak_1.16.2.orig.tar.xz
1ad443826b7381442b2c0bf10d3946f9a5d97041b4e20f133f28d44f0afa80d3 41568
flatpak_1.16.2-1.debian.tar.xz
58c9f9d6974a0b2bf89f50f60d9bc8480f0bcb8e538a621f9c7a079401db907e 13566
flatpak_1.16.2-1_source.buildinfo
Files:
a23ba772a275104bbebdbc4e28fd4550 3828 admin optional flatpak_1.16.2-1.dsc
5537c4e9a06e7080c4bc85106c08544b 1226688 admin optional
flatpak_1.16.2.orig.tar.xz
7f9c06333ed8a90984447437f2695443 41568 admin optional
flatpak_1.16.2-1.debian.tar.xz
94ab3cb4b08406ec32d0ed2f3f504740 13566 admin optional
flatpak_1.16.2-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEegc60a5pT6Jb/2LlI1wJnT6zMHYFAmlFa6UACgkQI1wJnT6z
MHZS1A//VxFf2pxOFp6Jm2Rc1Cw7VwbRNgk+XVf/gW7fpjadK1SU5OsGk419fUqf
+ZFrxC4YpvVhT344M1hBCuO53GVZ7+y3yobq8ZXMJBklPBvI/a7lgYzFE/hAHKO9
lm8IiYnbFJ/1s4NHBpy7o39ZzMU7x0SqBUVWUwCTsqgsPxkzCrAseYJxMPoNo+jN
TPyKXY4HYD4eNVbJ5TUpVUYauO/BSLocasNv+cYqEOq0gUiCNZn6Nuenyw91hkzA
y0P7cVckHzlva8av/8xK8XwK8oxNm8skpB8nMtFje9n7TozXY/CQvvLXBbZ+zj2P
eJENSHroLISVsahuH7QCdAoe5BlWrARCvPzopjvSPi2W9sOBTultIkvv1tQ38pwx
Th5dB+6YqcixiqhfdrenyaZESxCOvjjEK4hy/cHzUzEoeJTlgYbuEvk8tSdJu9be
cb3rBhN6Ymc8f2ECF7MOArKuBaymjmiRZ1MEtwy139KovWPYhQ1j2xt3s61V8QrQ
W1jAMMALOdUWs3al99EY+YqaJnQD4+JIecXrfBgDZE/13PRkAWoyMsiRFff6J6B1
bc4wB23T5l17ddv+p1tRohOQO+UMcYGq5/y7qGCzS1+V5LMheVt33R2ie1iLTSIC
wYy9AItbp7vmKdQaJ7ZdL2bhWpxS4S/yTPOGN9GSBMGOphmTRls=
=jhxs
-----END PGP SIGNATURE-----
pgpRazkJV0NYS.pgp
Description: PGP signature
--- End Message ---
