Tags

Tags give the ability to mark specific points in history as being important

  • upstream/1.15.7

    21ec22fb · New upstream version 1.15.7 · 
    Upstream version 1.15.7

  • 1.14.5

    17455f97 · Automated update of translation files for 1.14.5 · 
    flatpak 1.14.5

Features:

 * Stop http transfers if a download in progress becomes very slow (#5519)

 * Add anchors to link to sections of flatpak-metadata documentation (#5582)

Bug fixes:

 * Avoid warnings processing symbolic links with GLib >= 2.77.0, and
   with GLib 2.76.0 (GLib 2.76.1 or later silences these warnings)

 * Bypass page cache for backend requests in revokefs, fixing installation
   errors with libostree 2023.4 (#5452)

 * Show AppStream metadata in `flatpak remote-info` as intended
   (#5523; regression in 1.9.1)

 * Don't let Flatpak apps inherit VK_DRIVER_FILES or VK_ICD_FILENAMES
   from the host system, which would be wrong for the sandbox (#5553)

 * Fix build failure with prereleases of libappstream 0.17.x (#5472)

 * Forward-compatibility with libappstream 1.0 (#5563)

 * Fix a memory leak (#5329)

 * Fix compiler warnings (#5362, #5366)

 * Make the tests fail more comprehensibly if a required tool is missing
   (#5020)

 * Clean up `/var/tmp/flatpak-cache-*` directories on boot (#1119)

 * Don't force `GIO_USE_VFS=local` for programs launched via flatpak-spawn
   (#5567)

 * Clarify documentation for D-Bus name ownership (#5582)

Internal changes:

 * CI improvements (#5381)

Git-EVTag-v0-SHA512: dc5b44cc5b6c1282ca2250d2bfffa39dfc09a82b55ae14185f6256f8cb70a5201e3a41d027292a038d206c91ba52b002022067df69f6500e996db47da31b7b47
    Unverified

  • debian/1.14.5-1

    87216b31 · Release to unstable · 
    flatpak release 1.14.5-1 for unstable (sid)

(maintainer view tag generated by dgit --quilt=unapplied)

[dgit distro=debian split --quilt=unapplied]
    Unverified

  • upstream/1.14.5

    00bc1c23 · New upstream version 1.14.5 · 
    Upstream version 1.14.5

  • debian/1.15.6-1

    fea67a11 · Release to experimental · 
    flatpak release 1.15.6-1 for experimental (rc-buggy)

(maintainer view tag generated by dgit --quilt=unapplied)

[dgit distro=debian split --quilt=unapplied]
    Unverified

  • 1.15.6

    27b11b93 · Update translation files for v1.15.6 · 
    flatpak 1.15.6

Dependencies:

 * In distributions that compile Flatpak to use a separate bubblewrap (bwrap)
   executable, version 0.8.0 is now required.

 * Enabling the optional Wayland security context feature requires
   libwayland-client, wayland-scanner >= 1.15 and wayland-protocols >= 1.32.

 * Ubuntu 18.04 is no longer routinely tested. Support for dependency
   versions included in Ubuntu 18.04 should be considered "at risk".

Features:

 * Add --device=input, for access to evdev devices in /dev/input (#5481)

 * Update bundled copy of bubblewrap to version 0.8.0, and rely on its
   features:
     * Improve error message if seccomp is disabled in kernel config
     * Security hardening: set user namespace limit to 0, to prevent creation
       of nested user namespaces in a more robust way (#5084)

 * For subsandboxes started by flatpak-portal, inherit environment
   variables from the `flatpak run` that started the original instance
   rather than from flatpak-portal, fixing behaviour of FLATPAK_GL_DRIVERS
   and similar features (#5278)

 * Stop http transfers if a download in progress becomes very slow (#5519)

 * Make it easier to configure extra languages, by picking them up from
   AccountsService if configured there (#5006)

 * Add new flatpak_transaction_add_rebase_and_uninstall() API,
   allowing end-of-life apps to be replaced by their intended replacement
   more reliably (#3991)

 * Create a private Wayland socket with the "security context" extension
   if available, allowing the compositor to identify connections from
   sandboxed apps as belonging to the sandbox (#4920, #5507, #5558)

 * Update libglnx to 2023-08-29
     * Use features of newer GLib versions if available
     * Turn off system-level crash reporting infrastructure during
       some unit tests that involve intentional assertion failures

 * Add anchors to link to sections of flatpak-metadata documentation (#5582)

 * New translations: ka, nl.

Bug fixes:

 * Avoid warnings processing symbolic links with GLib >= 2.77.0, and
   with GLib 2.76.0 (GLib 2.76.1 or later silences these warnings)

 * Bypass page cache for backend requests in revokefs, fixing installation
   errors with libostree 2023.4 (#5452)

 * Show AppStream metadata in `flatpak remote-info` as intended
   (#5523; regression in 1.9.1)

 * Don't let Flatpak apps inherit VK_DRIVER_FILES or VK_ICD_FILENAMES
   from the host system, which would be wrong for the sandbox (#5553)

 * Fix build failure with prereleases of libappstream 0.17.x (#5472)

 * Forward-compatibility with libappstream 1.0 (#5563)

 * Fix installation with Meson if configured with -Dauto_sideloading=true
   (#5495)

 * Fix a memory leak (#5329)

 * Fix compiler warnings (#5362, #5366)

 * Make the tests fail more comprehensibly if a required tool is missing
   (#5020)

 * Clean up `/var/tmp/flatpak-cache-*` directories on boot (#1119)

 * Don't force `GIO_USE_VFS=local` for programs launched via flatpak-spawn
   (#5567)

 * Clarify documentation for D-Bus name ownership (#5582)

 * Translation updates: id, tr, zh_CN
   (#5332, #5565)

Internal changes:

 * Split up large source files into smaller modules, reducing internal
   circular dependencies (#5410, #5411, #5415, #5419, #5416, #5414)

 * Re-synchronize code backported from GLib with the version in GLib
   (#5410)

 * Make the flags used to apply "extra data" clearer (#5466)

 * Use glnx_opendirat() where possible (#5527)

 * CI improvements (#5374, #5381)

Git-EVTag-v0-SHA512: 89a8b1248147640dc1729a4ee42a2bec5e887d97ece9eb7dcf1a11ae03c40a7eabb3d25eb9a8ab7be4548c68f4b9a5d6a6c3902d3912c8748aea1879de8b80b6
    Unverified

  • upstream/1.15.6

    974b5901 · New upstream version 1.15.6 · 
    Upstream version 1.15.6

  • debian/1.14.4-2

    71bc7481 · releasing package flatpak version 1.14.4-2 · 
    tagging package flatpak version debian/1.14.4-2
    Unverified

  • debian/1.10.8-0+deb11u1

    9aa43c35 · d/changelog: Add bug numbers · 
    flatpak release 1.10.8-0+deb11u1 for bullseye (bullseye)

(maintainer view tag generated by dgit --quilt=unapplied)

[dgit distro=debian split --quilt=unapplied]
    Unverified

  • 1.10.8

    d771946b · Update translation files for 1.10.8 release · 
    flatpak 1.10.8

Security fixes:

 * Escape special characters when displaying permissions and metadata,
   preventing malicious apps from manipulating the appearance of the
   permissions list using crafted metadata (CVE-2023-28101).

 * If a Flatpak app is run on a Linux virtual console (tty1, tty2, etc.),
   don't allow copy/paste via the TIOCLINUX ioctl (CVE-2023-28100).
   Note that this is specific to virtual consoles: Flatpak is not
   vulnerable to this if run from a graphical terminal emulator such as
   xterm, gnome-terminal or Konsole.

Other bug fixes:

 * If an app update is blocked by parental controls policies, clean up the
   temporary deploy directory (#5146)
 * Fix Autotools build with versions of gpgme that no longer provide
   gpgme-config(1) (#5173)
 * Fix regressions in `flatpak history` since 1.9.1
   - Don't display the appstream branch used internally
   - Don't display temporary repositories used internally
   - Ignore transaction log entries with empty REF field
   - Warn instead of failing if other non-app, non-runtime refs are found
   - Don't set up an unnecessary polkit agent for `flatpak history`
   - Add test coverage
 * Fix a typo in an error message
 * Fix incorrect year in NEWS for 1.10.7 release
 * Translation update: pl
 * Add test coverage for Flatpak's seccomp filters

Git-EVTag-v0-SHA512: 8962500582d542dbbc332ba8fe43866bf57f7d18873edba13dfdc83e7eeb67bb4ed4f0d3688f6978cbfad80709ebdfc0f03826b873027936b259f1b1fd0da2f5
    Unverified

  • 1.12.8

    c87d8b25 · Update translation files for 1.12.8 release · 
    flatpak 1.12.8

Security fixes:

* Escape special characters when displaying permissions and metadata,
  preventing malicious apps from manipulating the appearance of the
  permissions list using crafted metadata (CVE-2023-28101).

* If a Flatpak app is run on a Linux virtual console (tty1, tty2, etc.),
  don't allow copy/paste via the TIOCLINUX ioctl (CVE-2023-28100).
  Note that this is specific to virtual consoles: Flatpak is not
  vulnerable to this if run from a graphical terminal emulator such as
  xterm, gnome-terminal or Konsole.

Other bug fixes:

* Update the SELinux module to explicitly permit the system helper have read
  access to /etc/passwd and systemd-userdbd, read and lock access to
  /var/lib/flatpak, and watch files inside $libexecdir
  (#4852, #4855, #4892; Red Hat #2071217, #2071215, #2070741,
  #2053634, #2070350)
* If an app update is blocked by parental controls policies, clean up the
  temporary deploy directory (#5146)
* Fix Autotools build with versions of gpgme that no longer provide
  gpgme-config(1) (#5173)
* Remove some unreachable code (Coverity: CID 1514265)
* Add missing handling for some D-Bus errors

Git-EVTag-v0-SHA512: b8360cfc1de210ab96fd73547a1c6c99e4b75a9baa9485b8edb8b88300524132598f3b645a04b649a67a11f2e51846579f9886e000e7940686f60b6411627103
    Unverified

  • 1.14.4

    8a1edcea · Update translation files for 1.14.4 release · 
    flatpak 1.14.4

Security fixes:

* Escape special characters when displaying permissions and metadata,
  preventing malicious apps from manipulating the appearance of the
  permissions list using crafted metadata (CVE-2023-28101).

* If a Flatpak app is run on a Linux virtual console (tty1, tty2, etc.),
  don't allow copy/paste via the TIOCLINUX ioctl (CVE-2023-28100).
  Note that this is specific to virtual consoles: Flatpak is not
  vulnerable to this if run from a graphical terminal emulator such as
  xterm, gnome-terminal or Konsole.

Other bug fixes:

* Translation update: pl

Git-EVTag-v0-SHA512: a83091c2a471dbb072f231e53ebe24edab3ecfdfd99fdbc6aa2d11a56441fe8117f01a3c6244e83cac7a603273e338309c72e527badf86c4ab2e0c8471a86b8e
    Unverified

  • 1.15.4

    e936e310 · Update translation files for release · 
    flatpak 1.15.4

Security fixes:

* Escape special characters when displaying permissions and metadata,
  preventing malicious apps from manipulating the appearance of the
  permissions list using crafted metadata (CVE-2023-28101).

* If a Flatpak app is run on a Linux virtual console (tty1, tty2, etc.),
  don't allow copy/paste via the TIOCLINUX ioctl (CVE-2023-28100).
  Note that this is specific to virtual consoles: Flatpak is not
  vulnerable to this if run from a graphical terminal emulator such as
  xterm, gnome-terminal or Konsole.

Other bug fixes:

* Document the path used for `flatpak override`
* Translation updates: oc, pl, ru, sv, tr

Git-EVTag-v0-SHA512: da193fee33f3108222ff5e3b48fdd6c41ff5215fd0e556864f597f3a81d521fa794ec1c6918b67c0efe47b9be0a03181d2a1f2ab9910fdb8479d3f5da65372d5
    Unverified

  • debian/1.14.4-1_bpo11+1

    063ce2c8 · Rebuild for bullseye-backports · 
    flatpak release 1.14.4-1~bpo11+1 for bullseye-backports (bullseye-backports)

(maintainer view tag generated by dgit --quilt=unapplied)

[dgit distro=debian split --quilt=unapplied]
    Unverified

  • upstream/1.10.8

    cc87a693 · New upstream version 1.10.8 · 
    Upstream version 1.10.8

  • upstream/1.12.8

    526c9618 · New upstream version 1.12.8 · 
    Upstream version 1.12.8

  • debian/1.15.4-1

    600a94d1 · Release to experimental · 
    flatpak release 1.15.4-1 for experimental (experimental)

(maintainer view tag generated by dgit --quilt=unapplied)

[dgit distro=debian split --quilt=unapplied]
    Unverified

  • debian/1.14.4-1

    9d2b0294 · Release to unstable · 
    flatpak release 1.14.4-1 for unstable (sid)

(maintainer view tag generated by dgit --quilt=unapplied)

[dgit distro=debian split --quilt=unapplied]
    Unverified

  • upstream/1.14.4

    7e4a25f1 · New upstream version 1.14.4 · 
    Upstream version 1.14.4

  • upstream/1.15.4

    358194cb · New upstream version 1.15.4 · 
    Upstream version 1.15.4