* New upstream stable release
- Canonicalize XDG_RUNTIME_DIR if it's a symlink
- Support device nodes for multiple Nvidia graphics cards if the
proprietary driver is used
- Fix a crash when certain errors occur while updating apps
- Fix "flatpak list --arch"
- Make "Installing %d/%d..." translatable
* d/p/run-Only-compare-the-lowest-32-ioctl-arg-bits-for-TIOCSTI.patch:
Drop patch, applied upstream
-- Simon McVittie <email address hidden> Wed, 27 Mar 2019 20:47:33 +0000
flatpak (1.2.3-2) unstable; urgency=high
* seccomp: Reject all ioctls that the kernel will interpret as TIOCSTI,
including those where the high 32 bits in a 64-bit word are nonzero.
(Closes: #925541, CVE-2019-10063)
-- Simon McVittie <email address hidden> Tue, 26 Mar 2019 20:38:36 +0000
This bug was fixed in the package flatpak - 1.2.4-1
Sponsored for Anders Kaseorg (andersk)
---------------
flatpak (1.2.4-1) unstable; urgency=medium
* New upstream stable release Only-compare- the-lowest- 32-ioctl- arg-bits- for-TIOCSTI. patch:
- Canonicalize XDG_RUNTIME_DIR if it's a symlink
- Support device nodes for multiple Nvidia graphics cards if the
proprietary driver is used
- Fix a crash when certain errors occur while updating apps
- Fix "flatpak list --arch"
- Make "Installing %d/%d..." translatable
* d/p/run-
Drop patch, applied upstream
-- Simon McVittie <email address hidden> Wed, 27 Mar 2019 20:47:33 +0000
flatpak (1.2.3-2) unstable; urgency=high
* seccomp: Reject all ioctls that the kernel will interpret as TIOCSTI,
including those where the high 32 bits in a 64-bit word are nonzero.
(Closes: #925541, CVE-2019-10063)
-- Simon McVittie <email address hidden> Tue, 26 Mar 2019 20:38:36 +0000