Hello community, here is the log from the commit of package flatpak for openSUSE:Factory checked in at 2017-02-19 00:39:35 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/flatpak (Old) and /work/SRC/openSUSE:Factory/.flatpak.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "flatpak" Changes: -------- --- /work/SRC/openSUSE:Factory/flatpak/flatpak.changes 2017-01-15 11:08:32.691420667 +0100 +++ /work/SRC/openSUSE:Factory/.flatpak.new/flatpak.changes 2017-02-19 00:39:36.644418791 +0100 @@ -1,0 +2,54 @@ +Fri Feb 10 16:45:25 UTC 2017 - [email protected] + +- Update to version 0.8.2: + + This is a bugfix and security update: + - Some of the bind-mounts that flatpak sets up were not + read-only as they should have. This includes: extensions, + system fonts, resolv.conf, localtime and machine-id. Many of + these are typically only writable by root, but some, like the + user-specific fonts and user-installed extensions could be + modified from the sandbox. + + Other fixes: + - There are new configure options for where to install dbus + configuration. + - Broken symlinks in the root directory no longer break flatpak + run. + - flatpak run with HOME in /var now works. + - dri access now also handles mali devices. + - install handles --arch when installing flatpakrefs. + - system-helper activation fixed on systemd-less setups. + - dbus-proxy now works without /run. + - During installation, failing to update a dependency is now + not fatal. + - /etc is now fully writable when building runtimes. + - --filesystem=xdg-config/foo now sets up the bind-mount from + the host dir even when not using :create. + +------------------------------------------------------------------- +Fri Feb 10 16:45:02 UTC 2017 - [email protected] + +- Update to version 0.8.1: + + This is a bugfix and security update (CVE-2017-5226): + - Flatpak now uses seccomp to disallow the TIOCSTI ioctl in the + sandbox, which works around the possibility to inject text on + the controlling tty (CVE-2017-5226). + - This was previously fixed in bubblewrap in 0.1.6, but that + change has now been reverted as it introduced other problems + for flatpak. + + Update bundled bubblewrap to 0.1.7. + + Fix writing new file with O_EXCL in the document portal. + + Allow appstream data that doesn't have .desktop in the + component id, such as data for runtimes. + + Drop json-glib dependency from 1.2 to 1.0. + + Builder: Fail if unable to read included file. + + OCI: Ensure exported layers are readable by everyone. + + Fix extra-data download in gnome-software. + + Fix update-mime-database trigger when installing via the system + helper. + + Updating an app by installing a newer bundle now works again. + + Make /var/tmp not be on a tmpfs (it is now in + ~/.var/app/$appid/cache/tmp). + + Updated documentation. + + Updated translations. + +------------------------------------------------------------------- Old: ---- flatpak-0.8.0.tar.xz New: ---- flatpak-0.8.2.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ flatpak.spec ++++++ --- /var/tmp/diff_new_pack.mmYPhW/_old 2017-02-19 00:39:37.148347911 +0100 +++ /var/tmp/diff_new_pack.mmYPhW/_new 2017-02-19 00:39:37.148347911 +0100 @@ -1,7 +1,7 @@ # # spec file for package flatpak # -# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -22,7 +22,7 @@ %define libname libflatpak0 Name: flatpak -Version: 0.8.0 +Version: 0.8.2 Release: 0 Summary: Manage OSTree based application bundles License: LGPL-2.1+ ++++++ _service ++++++ --- /var/tmp/diff_new_pack.mmYPhW/_old 2017-02-19 00:39:37.184342849 +0100 +++ /var/tmp/diff_new_pack.mmYPhW/_new 2017-02-19 00:39:37.184342849 +0100 @@ -4,7 +4,7 @@ <param name="scm">git</param> <param name="versionformat">@PARENT_TAG@</param> <param name="changesgenerate">enable</param> - <param name="revision">refs/tags/0.8.0</param> + <param name="revision">refs/tags/0.8.2</param> </service> <service name="recompress" mode="disabled"> <param name="file">*.tar</param> ++++++ _servicedata ++++++ --- /var/tmp/diff_new_pack.mmYPhW/_old 2017-02-19 00:39:37.204340036 +0100 +++ /var/tmp/diff_new_pack.mmYPhW/_new 2017-02-19 00:39:37.208339473 +0100 @@ -1,4 +1,4 @@ <servicedata> <service name="tar_scm"> <param name="url">https://github.com/flatpak/flatpak.git</param> - <param name="changesrevision">7f31a1acae8f9825ccd083cf450cf411e467fb68</param></service></servicedata> \ No newline at end of file + <param name="changesrevision">3bd1405364a3c2cb0ffd3ccaf7e75c9a905db44f</param></service></servicedata> \ No newline at end of file ++++++ flatpak-0.8.0.tar.xz -> flatpak-0.8.2.tar.xz ++++++ ++++ 9483 lines of diff (skipped)
