Format: 1.8
Date: Wed, 17 Apr 2024 19:39:48 +0100
Source: flatpak
Binary: flatpak flatpak-dbgsym flatpak-tests flatpak-tests-dbgsym gir1.2-flatpak-1.0 libflatpak-dev libflatpak0 libflatpak0-dbgsym
Architecture: i386
Version: 1.14.4-1+deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: all / amd64 / i386 Build Daemon (x86-conova-02)
Changed-By: Simon McVittie
Description:
 flatpak - Application deployment framework for desktop apps
 flatpak-tests - Application deployment framework for desktop apps (tests)
 gir1.2-flatpak-1.0 - Application deployment framework for desktop apps (introspection)
 libflatpak-dev - Application deployment framework for desktop apps (development)
 libflatpak0 - Application deployment framework for desktop apps (library)
Changes:
 flatpak (1.14.4-1+deb12u1) bookworm-security; urgency=high
 .
   * d/p/When-starting-non-static-command-using-bwrap-use.patch,
     d/p/test-run-Add-a-reproducer-for-CVE-2024-32462.patch:
     Don't allow an executable name to be misinterpreted as a command-line
     option for bwrap(1). This prevents a sandbox escape where a malicious
     or compromised app could ask xdg-desktop-portal to generate a .desktop
     file with access to files outside the sandbox. (CVE-2024-32462)
   * d/gbp.conf: Use debian/bookworm packaging branch