Comment 6 for bug 1957716

@alexmurray, hey, I believe that commit was reverted later as it caused a behavioural regression? The Github advisory (https://github.com/flatpak/flatpak/security/advisories/GHSA-8ch7-5j3h-g4fx) was changed to point to a different commit (https://github.com/flatpak/flatpak/commit/5709f1aaed6579f0136976e14e7f3cae399134ca).

When creating that debdiff, if i recall correctly I went though the commits in this branch https://github.com/flatpak/flatpak/commits/flatpak-1.10.x combined with referring to the github advisories and then skipped the "Make --nofilesystem=host/home remove access to subdirs of those" (307ee18dd62f65c1319594501d01bbdb10f88ab8) as it was reverted later with "Revert "Make --nofilesystem=host/home remove access to subdirs of those"" (ed91bba615d4e50ccd7de53ca9861e367175bbfb).

Please correct me if you think i've missed something :-)

In the github advisory (https://github.com/flatpak/flatpak/security/advisories/GHSA-8ch7-5j3h-g4fx) there are two commits for flatpak-builder so this could also be done.

Also note I tried looking at focal/bionic but there are a large amount of merge conflicts due to substantial change in the codebase and I'm not familiar enough with GObject/GLib etc to rewrite that code.