File _patchinfo of Package patchinfo.36956

<patchinfo incident="36956">
  <category>recommended</category>
  <rating>moderate</rating>
  <packager>msmeissn</packager>
  <summary>Recommended update for bubblewrap, flatpak, wayland-protocols</summary>
<description>
This update for bubblewrap, flatpak and wayland-protocols updates flatpak to 1.16.0.

flatpak changes:

- Update to version 1.16.0:

  + Bug fixes:

    - Update libglnx to 2024-12-06:

      . Fix an assertion failure if creating a parent directory
        encounters a dangling symlink.
      . Fix a Meson warning.
      . Don't emit terminal progress indicator escape sequences by
        default. They are interpreted as notifications by some
        terminal emulators.
    - Fix introspection annotations in libflatpak.

  + Enhancements:

    - Add the FLATPAK_TTY_PROGRESS environment variable, which
      re-enables the terminal progress indicator escape sequences
      added in 1.15.91.
    - Document the FLATPAK_FANCY_OUTPUT environment variable, which
      allows disabling the fancy formatting when outputting to a
      terminal.

Update to version 1.15.91 (unstable):

  + Enhancements:

    - Add the FLATPAK_DATA_DIR environment variable, which allows
      overriding at runtime the data directory location that
      Flatpak uses to search for configuration files such as
      remotes. This is useful for running tests, and for when
      installing using Flatpak in a chroot.
    - Add a FLATPAK_DOWNLOAD_TMPDIR variable. This allows using
      download directories other than /var/tmp.
    - Emit progress escape sequence. This can be used by terminal
      emulators to detect and display progress of Flatpak
      operations on their graphical user interfaces.

  + Bug fixes:

    - Install missing test data. This should fix "as-installed"
      tests via ginsttest-runner, used for example in Debian's
      autopkgtest framework.
    - Unify and improve how the Wayland socket is passed to the
      sandboxed app. This should fix a regression that is triggered
      by compositors that both implement the security-context-v1
      protocol and set the WAYLAND_DISPLAY environment variable
      when launching Flatpak apps.
    - Fix the plural form of a translatable string.

Update to version 1.15.12:

  + Return to using the process ID of the Flatpak app in the cgroup
    name. Using the instance ID in 1.15.11 caused crashes when
    installing apps, extensions or runtimes that use the "extra
    data" mechanism, which does not set up an instance ID.

Changes from version 1.15.11:

  + Dependencies:

    - In distributions that compile Flatpak to use a separate
      xdg-dbus-proxy executable, version 0.1.6 is recommended (but
      not required).
    - The minimum xdg-dbus-proxy continues to be 0.1.0.

  + Enhancements:

    - Allow applications like WebKit to connect the AT-SPI
      accessibility tree of processes in a sub-sandbox with the
      tree in the main process.
      . New sandboxing parameter flatpak run --a11y-own-name, which
        is like --own-name but for the accessibility bus.
      . flatpak-portal API v7: add new sandbox-a11y-own-names
        option, which accepts names matching ${FLATPAK_ID}.*
      . Apps may call the org.a11y.atspi.Socket.Embedded method on
        names matching ${FLATPAK_ID}.Sandboxed.* by default
      . flatpak run -vv $app_id shows all applicable sandboxing
        parameters and their source, including overrides, as debug
        messages
    - Introduce USB device listing
      . Apps can list which USB devices they want to access ahead
        of time by using the --usb parameter. Check the manpages
        for more information about the accepted syntax.
      . Denying access to USB devices is also possible with the
        --no-usb parameter. The syntax is equal to --usb.
      . Both options merely store metadata, and aren't used by
        Flatpak itself. This metadata is intended to be used by the
        (as of now, still in progress) USB portal to decide which
        devices the app can enumerate and request access.
    - Add support for KDE search completion
    - Use the instance id of the Flatpak app as part of the cgroup
      name. This better matches the naming conventions for cgroup.

  + Bug fixes:

    - Update libglnx to 2024-08-23
    - fix build in environments that use -Werror=return-type, such
      as openSUSE Tumbleweed
    - add a fallback definition for G_PID_FORMAT with older GLib
    - avoid warnings for g_steal_fd() with newer GLib
    - improve compatibility of g_closefrom() backport with newer
      GLib
    - Update meson wrap file for xdg-dbus-proxy to version 0.1.6:
      . compatibility with D-Bus implementations that pipeline the
        authentication handshake, such as sd-bus and zbus
      . compatibility with D-Bus implementations that use
        non-consecutive serial numbers, such as godbus and zbus
      . broadcast signals can be allowed without having to add TALK
        permission
      . fix memory leaks

  + Internal changes:

    - Better const-correctness
    - Fix a shellcheck warning in the tests

- add weak dep on p11-kit-server for certificate transfer (boo#1188902)
- disable parental controls for now by using '-Dmalcontent=disabled', to work around
  issues with xdg-desktop-portal

Update to version 1.14.10:

  + Dependencies: In distributions that compile Flatpak to use a
    separate bubblewrap (bwrap) executable, either version 0.10.0,
    version 0.6.x ≥ 0.6.3, or a version with a backport of the
    --bind-fd option is required. These versions add a new feature
    which is required by the security fix in this release.
  + Security fixes: Don't follow symbolic links when mounting
    persistent directories (--persist option). This prevents a
    sandbox escape where a malicious or compromised app could edit
    the symlink to point to a directory that the app should not have
    been allowed to read or write. (bsc#1229157, CVE-2024-42472,
    GHSA-7hgv-f2j8-xw87)
  + Documentation: Mark the 1.12.x and 1.10.x branches as
    end-of-life (#5352)
  + Version 1.14.9 was not released due to an incompatibility with
    older versions of GLib. Version 1.14.10 replaces it.

Update to version 1.14.8:

  + No changes. This release is rolling out to correct mismatching
    submodule versions in the release tarball.

Update to version 1.14.7:

  + New features: Automatically reload D-Bus session bus
    configuration after installing or upgrading apps, to pick up
    any exported D-Bus services (#3342)
  + Bug fixes:
    - Expand the list of environment variables that Flatpak apps do
      not inherit from the host system (#5765, #5785)
    - Don't refuse to start apps when there is no D-Bus system bus
      available (#5076)
    - Don't try to repeat migration of apps whose data was migrated
      to a new name and then deleted (#5668)
    - Fix warnings from newer GLib versions (#5660)
    - Always set the container environment variable (#5610)
    - In flatpak ps, add xdg-desktop-portal-gnome to the list of
      backends we'll use to learn which apps are running in the
      background (#5729)
    - Avoid leaking a temporary variable from
      /etc/profile.d/flatpak.sh into the shell environment (#5574)
    - Avoid undefined behaviour of signed left-shift when storing
      object IDs in a hash table (#5738)
    - Fix Docbook validity in documentation (#5719)
    - Skip more tests when FUSE isn't available (#5611)
    - Fix a misleading comment in the test for CVE-2024-32462
      (#5779)
  + Internal changes:
    - Fix Github Workflows recipes

Update to version 1.14.6:

  + Security fixes:
    - Don't allow an executable name to be misinterpreted as a
      command-line option for bwrap(1). This prevents a sandbox
      escape where a malicious or compromised app could ask
      xdg-desktop-portal to generate a .desktop file with access
      to files outside the sandbox. (CVE-2024-32462, bsc#1223110)
  + Other bug fixes:
    - Don't parse &lt;developer>&lt;name/>&lt;/developer> as the application
      name (#5700)

bubblewrap changes:

Update to 0.11.0:

 * New --overlay, --tmp-overlay, --ro-overlay and --overlay-src
   options allow creation of overlay mounts. This feature is not
   available when bubblewrap is installed setuid.
 * New --level-prefix option produces output that can be parsed
   by tools like logger --prio-prefix and
   systemd-cat --level-prefix=1
 * bug fixes and developer visible changes

Update to version v0.10.0:

 * New features: Add the --[ro-]bind-fd option, which can be used
   to mount a filesystem represented by a file descriptor without
   time-of-check/time-of-use attacks. This is needed to resolve
   a security issue in Flatpak.
   (CVE-2024-42472, bsc#1229157)
 * Other changes: Fix some confusing syntax in SetupOpFlag (no
   functional change).

Update to v0.9.0:

 * Build system changed to Meson from Autotools
 * Add --argv0
   https://github.com/containers/bubblewrap/issues/91
 * --symlink is now idempotent, meaning it succeeds if the symlink
   already exists and already has the desired target 
 * Clarify security considerations in documentation
 * Clarify documentation for --cap-add
 * Report a better error message if mount(2) fails with ENOSPC
 * Fix a double-close on error reading from --args, --seccomp or
   --add-seccomp-fd argument
 * Improve memory allocation behaviour

wayland-protocols was changed:

Update to version 1.36:

  * xdg-dialog: fix missing namespace in protocol name

Changes from version 1.35:

  * cursor-shape-v1: Does not advertise the list of supported cursors
  * xdg-shell: add missing enum attribute to set_constraint_adjustment
  * xdg-shell: recommend against drawing decorations when tiled
  * tablet-v2: mark as stable
  * staging: add alpha-modifier protocol

Update to 1.36:

  * Fix to the xdg dialog protocol
  * tablet-v2 protocol is now stable
  * alpha-modifier: new protocol
  * Bug fix to the cursor shape documentation
  * The xdg-shell protocol now also explicitly recommends against
    drawing decorations outside of the window geometry when tiled

Update to 1.34:

  * xdg-dialog: new protocol
  * xdg-toplevel-drag: new protocol
  * Fix typo in ext-foreign-toplevel-list-v1
  * tablet-v2: clarify that name/id events are optional
  * linux-drm-syncobj-v1: new protocol
  * linux-explicit-synchronization-v1: add linux-drm-syncobj note

Update to version 1.33:

  * xdg-shell: Clarify what a toplevel by default includes
  * linux-dmabuf: sync changes from unstable to stable
  * linux-dmabuf: require all planes to use the same modifier
  * presentation-time: stop referring to Linux/glibc
  * security-context-v1: Make sandbox engine names use reverse-DNS
  * xdg-decoration: remove ambiguous wording in configure event
  * xdg-decoration: fix configure event summary
  * linux-dmabuf: mark as stable
  * linux-dmabuf: add note about implicit sync
  * security-context-v1: Document what can be done with the open
    sockets
  * security-context-v1: Document out of band metadata for flatpak

- Use gcc11 in SLE15 in order to fix a ppc64le test that was
  failing when built with gcc7 (boo#1216320)

Update to version 1.32:

  * ext-foreign-toplevel-list: new protocol
  * cursor-shape-v1: new protocol
  * security-context-v1: new protocol
  * xdg-shell: add suspended toplevel state
  * Apart from these new additions, this release also brings the
    usual clarifications, cleanups and fixes.
</description>
  <issue id="1188902" tracker="bnc"/>
  <issue id="PED-10504" tracker="jsc"/>
  <issue id="1212476" tracker="bnc"/>
  <issue id="1188902" tracker="bnc"/>
  <issue id="1212476" tracker="bnc"/>
  <issue id="1216320" tracker="bnc"/>
</patchinfo>