Hello community, here is the log from the commit of package flatpak for openSUSE:Factory checked in at 2020-02-03 11:11:00 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/flatpak (Old) and /work/SRC/openSUSE:Factory/.flatpak.new.26092 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "flatpak" Mon Feb 3 11:11:00 2020 rev:40 rq:769117 version:1.6.1 Changes: -------- --- /work/SRC/openSUSE:Factory/flatpak/flatpak.changes 2020-01-28 10:48:24.976556369 +0100 +++ /work/SRC/openSUSE:Factory/.flatpak.new.26092/flatpak.changes 2020-02-03 11:11:16.429782931 +0100 @@ -1,0 +2,20 @@ +Thu Jan 30 16:56:01 UTC 2020 - Antonio Larrosa <alarr...@suse.com> + +- Update to version 1.6.1: + + This is a (mild) security update. Flatpak 1.6.0 added the + ability for an application to request it to be updated, as long + as the new version doesn't require new permissions. + Unfortunately in some special cases, if an app had access to + the home directory, but not the rest of the filesystem it would + still allow a self-update where the new version could access + some files outside the home directory. + + New permission --device=shm giving access to host /dev/shm, as + needed for jack. + + Generated correct download size in build-commit-from + + sub-sandbox now allows the child to share the gpu of the caller + has full device access + + Fix crash with disabled remotes + + Fix builds with older versions of glib + + Updated translations. + +------------------------------------------------------------------- Old: ---- flatpak-1.6.0.tar.xz New: ---- flatpak-1.6.1.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ flatpak.spec ++++++ --- /var/tmp/diff_new_pack.lFbClX/_old 2020-02-03 11:11:19.433784449 +0100 +++ /var/tmp/diff_new_pack.lFbClX/_new 2020-02-03 11:11:19.433784449 +0100 @@ -32,7 +32,7 @@ %define libname libflatpak0 Name: flatpak -Version: 1.6.0 +Version: 1.6.1 Release: 0 Summary: OSTree based application bundles management License: LGPL-2.1-or-later ++++++ _service ++++++ --- /var/tmp/diff_new_pack.lFbClX/_old 2020-02-03 11:11:19.453784459 +0100 +++ /var/tmp/diff_new_pack.lFbClX/_new 2020-02-03 11:11:19.453784459 +0100 @@ -4,7 +4,7 @@ <param name="url">https://github.com/flatpak/flatpak.git</param> <param name="scm">git</param> <param name="versionformat">@PARENT_TAG@</param> - <param name="revision">refs/tags/1.6.0</param> + <param name="revision">refs/tags/1.6.1</param> </service> <service name="recompress" mode="disabled"> <param name="file">*.tar</param> ++++++ flatpak-1.6.0.tar.xz -> flatpak-1.6.1.tar.xz ++++++ ++++ 12538 lines of diff (skipped)