-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 17 Apr 2024 19:43:12 +0100
Source: flatpak
Binary: flatpak flatpak-dbgsym flatpak-tests flatpak-tests-dbgsym gir1.2-flatpak-1.0 libflatpak-dev libflatpak0 libflatpak0-dbgsym
Architecture: armhf
Version: 1.10.8-0+deb11u2
Distribution: bullseye-security
Urgency: high
Maintainer: arm Build Daemon (arm-ubc-05) <buildd_armhf-arm-ubc-05@buildd.debian.org>
Changed-By: Simon McVittie <smcv@debian.org>
Description:
 flatpak    - Application deployment framework for desktop apps
 flatpak-tests - Application deployment framework for desktop apps (tests)
 gir1.2-flatpak-1.0 - Application deployment framework for desktop apps (introspection)
 libflatpak-dev - Application deployment framework for desktop apps (development)
 libflatpak0 - Application deployment framework for desktop apps (library)
Changes:
 flatpak (1.10.8-0+deb11u2) bullseye-security; urgency=high
 .
   * d/p/When-starting-non-static-command-using-bwrap-use.patch,
     d/p/test-run-Add-a-reproducer-for-CVE-2024-32462.patch:
     Don't allow an executable name to be misinterpreted as a command-line
     option for bwrap(1). This prevents a sandbox escape where a malicious
     or compromised app could ask xdg-desktop-portal to generate a .desktop
     file with access to files outside the sandbox. (CVE-2024-32462)
Checksums-Sha1:
 491c2cb2a8162a4532754371450031c476c88e06 5799952 flatpak-dbgsym_1.10.8-0+deb11u2_armhf.deb
 b890f01481260f64c937638f76d12cd310eb8ae8 6503548 flatpak-tests-dbgsym_1.10.8-0+deb11u2_armhf.deb
 b58bfa0b490965dd785fa0a2611f3b989c8f7d6a 774620 flatpak-tests_1.10.8-0+deb11u2_armhf.deb
 f8353b3d5d3566d67051e1f3e9279dad5a2e9f6a 14618 flatpak_1.10.8-0+deb11u2_armhf-buildd.buildinfo
 c5a5935e948e50b93c5c0958e16ad16a4cbee622 1147656 flatpak_1.10.8-0+deb11u2_armhf.deb
 5635fe1e672616d4426fa16a55581984c3313ee5 37708 gir1.2-flatpak-1.0_1.10.8-0+deb11u2_armhf.deb
 c7c06304f77fc1acb5e3e0e01fbf43fe54ba9b64 79548 libflatpak-dev_1.10.8-0+deb11u2_armhf.deb
 b6d7ff1d03f718b9ab35a4e35ff1e60da42480d2 1378164 libflatpak0-dbgsym_1.10.8-0+deb11u2_armhf.deb
 be1fd0ffcbedbad35790a1419d9973e33874f238 306212 libflatpak0_1.10.8-0+deb11u2_armhf.deb
Checksums-Sha256:
 7cb1db9ec1b48b75f928aa7c71e2ec7d39b422619fa54de21259bf72f7601073 5799952 flatpak-dbgsym_1.10.8-0+deb11u2_armhf.deb
 637abf1dd2a6d4d85c60e77028a4548e5c6433499e63ee0e65ca0248d912c669 6503548 flatpak-tests-dbgsym_1.10.8-0+deb11u2_armhf.deb
 3b7808c2cd46f88360b538629e526abc6e0d19bf370f045b29e86a21ddfc8cca 774620 flatpak-tests_1.10.8-0+deb11u2_armhf.deb
 aeebb0b8a812181c55339c37d3938b8452a8bb319459e4a000d16af62c831ecd 14618 flatpak_1.10.8-0+deb11u2_armhf-buildd.buildinfo
 98edc9787cd11e570403d38405a87b205545a7737c1d137ea6cf3b925871d99e 1147656 flatpak_1.10.8-0+deb11u2_armhf.deb
 906745893d690565c57bcda91582d0bd0a909b552588c29c2895a7335680ee3a 37708 gir1.2-flatpak-1.0_1.10.8-0+deb11u2_armhf.deb
 cd3c2a072e5421af857608d6bbc2bb6fd33e41c64b2d4fdf5e51e0ad10dcd306 79548 libflatpak-dev_1.10.8-0+deb11u2_armhf.deb
 c520365e5105a66af73769256c7c1997c2dc0f344f7c5dd52374f06404a31484 1378164 libflatpak0-dbgsym_1.10.8-0+deb11u2_armhf.deb
 6de6d859571f8a9e1162c0a86f3c6e7bc89be01948c2bc851d1db8d2a51e75c4 306212 libflatpak0_1.10.8-0+deb11u2_armhf.deb
Files:
 283624f672c6cc8dc87ac902093bb351 5799952 debug optional flatpak-dbgsym_1.10.8-0+deb11u2_armhf.deb
 2ff0918f5eaabf247c0ed1a17382d590 6503548 debug optional flatpak-tests-dbgsym_1.10.8-0+deb11u2_armhf.deb
 4b83239a9198f10be9efc5bc30795bb0 774620 misc optional flatpak-tests_1.10.8-0+deb11u2_armhf.deb
 2425239200de9732cf9b3658f9736b02 14618 admin optional flatpak_1.10.8-0+deb11u2_armhf-buildd.buildinfo
 dbcb29c9babd14a7626b22f6c40360de 1147656 admin optional flatpak_1.10.8-0+deb11u2_armhf.deb
 0e42e8b67adab4e4c868762cfbab3659 37708 introspection optional gir1.2-flatpak-1.0_1.10.8-0+deb11u2_armhf.deb
 a567888efa905178fca65e73813ee41f 79548 libdevel optional libflatpak-dev_1.10.8-0+deb11u2_armhf.deb
 0af25ca598a4d331f36415c6f05fa0c2 1378164 debug optional libflatpak0-dbgsym_1.10.8-0+deb11u2_armhf.deb
 c4981de1eeb913ccefd6d17b80dd6b6b 306212 libs optional libflatpak0_1.10.8-0+deb11u2_armhf.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEKGUG2wrbdK8nNLJy1gmokJM6hDEFAmYhc0IACgkQ1gmokJM6
hDHQsQ/8DAb1QuHmFNd7vp8QhAKwH9G0qfGgO6CE4Be89AMGquTRSrsC2DbDxW1k
yu3XlUhjCvNfvtx68JzdnTvJDZJvKpVlipRDq7r4yALWaPOGHkbIJ7U0CiNNrsRE
pBmDk3+aA6wjXPe3JPA9pWImG/Rf+uKdpTDEmrqTIFdfqyUMjwuSeujfRYqv0BSF
G4Rl3P55+HcuZqY477SPH1b6X2cwtQUVIDJBPengErIFp8VMGLHn3IHRMEMlbOqP
zuYV/RUKm414Ib2FC4ROeHQEbULfTn0bh49fRGA3upHCIA3acEWYDwomjukoXA7e
q7bJ3A/SrVGRNbhCrYqczmA1uHVVeF9xEvya/SbAk2V+D6TJ73qvWPA8oyawKELN
mOgWV/EQXKAXaed0LCE/qnRrD9+fUfyuwDwRoRY0T3AGmcdBSMunijkiEKNqNSMt
hJ9wMmIH60CKZq1A2HeOcr6YSfJdoh+mXgxK+SbafFOoVCIwxi/SvdofQBQFOtSX
y6BHvphWwRIaxaQhpbtPGC1Vec5c4ISA9fJOrKhfIJbzh7G6GuEuSIpnZPj0K++x
yPFpcHWsPZ9XNg5c9EBv7GRonJuJ6wd6f6BtF16jyHoAh3WhxSOsD0+ohw/yeKc+
fp4o0BUw1Yb3z8MF/jWlP9MzZxXyFPZN6uNO7FyljLNcIPyi1io=
=ZK+T
-----END PGP SIGNATURE-----