SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for flatpak-1.12.7-163.1.i586.rpm :

* Tue Mar 15 2022 Andreas Stieger - Update to version 1.12.7: + allow networked access to X11 and PulseAudio services if that is configured, and the application has network access + Absolute paths in WAYLAND_DISPLAY now work + Allow apps that were built with Flatpak 1.13.x to export AppStream metadata in share/metainfo + Most commands now work if /var/lib/flatpak exists but /var/lib/flatpak/repo does not, and will automatically populate the repo directory if possible + Consistently pass relative subpaths to libostree, working around a bug in libostree < 2021.6 when used with GLib >= 2.71 + Fix some memory leaks in GVariant data processing
* Tue Feb 22 2022 Andreas Stieger - Update to version 1.12.6: + Fix a bug that sometimes caused repo corruption in case downloads are interrupted or canceled, necessitating a \"flatpak repair\" to recover + More reliably detect the GTK theme + Fix history command unit test in some edge cases + Updated translations.
* Sun Feb 13 2022 Dirk Müller - drop apparently unused libdwarf buildrequires
* Fri Feb 11 2022 Andreas Stieger - Update to version 1.12.5: + Detect and remove left-over data from /var/lib/flatpak/appstream + Fix display bugs in flatpak history + Don\'t set up an unnecessary polkit agent for flatpak history + Don\'t propagate GStreamer-related environment variables into sandbox + Updated translations.
* Tue Jan 18 2022 Andreas Stieger - Update to 1.12.4: + reverting non-backwards-compatible behaviour changes in the solution previously chosen for CVE-2022-21682 (boo#1194611) Fix will be in flatpak-builder 1.2.2. + Clarify documentation of --nofilesystem + Improve unit test coverage around --filesystem and - -nofilesystem + Restore compatibility with older appstream-glib versions, fixing a regression in 1.12.3
* Wed Jan 12 2022 Andreas Stieger - Update to 1.12.3: + CVE-2021-43860: a malicious repository could have sent invalid application metadata in a way that hides some of the app permissions displayed during installation (boo#1194610) + CVE-2022-21682: flatpak-builder could allow - -mirror-screenshots-url commands to create directories outside of the build directory (boo#1194611) + Extra-data downloading now properly handles compressed content-encodings which fixes checksum verification + Note: In some corner case server setups this may require the extra-data checksum to be changed + Avoid unnecessary policy-kit dialog due to auto-pinning when installing runtimes + Better handling of updates of extensions that exist in multiple repositories + Fixed (initial) installation apps with renamed ids + Fixed regression in updates from no-enumerate remotes + We now verify checksums of summary caches, to better handle local file corruption + Improved cli output for non-terminal targets + Flatpak run --session-bus now works + Fix build with PyParsing >= 3.0.4 + Fixed \"Since\" annotations on FlatpakTransaction signals + bash auto completion now doesn\'t complete on command name aliases + Minor improvements to the search command + Minor improvements to the list command + Minor improvements to the repair command + Add more tests + Updated translations.- Drop support-new-pyparsing.patch: Fixed upstream.
* Thu Dec 09 2021 Steve Kowalik - Add patch support-new-pyparsing.patch:
* Support pyparsing >= 3.0.4.
* Wed Oct 13 2021 Andreas Stieger - Update to 1.12.2: + Install translations referenced by LANG, LANGUAGE or LC_ALL + Fix error handling for the syscalls that are blocked when not using --devel + Improve diagnostic messages when seccomp rules cannot be applied + Updated translations.
* Sat Oct 09 2021 Bjørn Lie - Update to version 1.12.1: + The security fix in the 1.12.0 release failed when used with some older versions of libseccomp (that don\'t know about the new syscalls).
* Fri Oct 08 2021 Bjørn Lie - Update to version 1.12.0: + This is the first stable release in the 1.12.x series. The major changes in this series is the support for better control of sub-sandboxes, as used by the steam flatpak. + In addition, this release fixes a security vulnerability in the portal support. Some recently added syscalls were not blocked by the seccomp rules which allowed the application to create sub-sandboxes which can confuse the sandboxing verification mechanisms of the portal. This has been fixed by extending the seccomp rules (boo#1191507, CVE-2021-41133) + Some test fixes + Support for specifying the flatpak binary to use during exports + Install translations for all languages in the locale, not just the ones in LC_MESSAGES. + Fix progress reporting in flatpak fsck + Handle cases where /var/tmp is a symlink + Expose /etc/gai.conf to the sandbox + Fix the parental control checks for root + Handle missing /etc/ld.so.cache (musl) + Updated translations
* Wed Aug 25 2021 andy great - Update to version 1.11.3.
* Bug fixes:
* Don\'t inherit an unusual $XDG_RUNTIME_DIR setting into the sandbox, fixing a regression introduced when CVE-2021-21261 was fixed in 1.8.5 and 1.10.0
* Update the included copy of bubblewrap (flatpak-bwrap) to 0.5.0
* Better diagnostics when a --bind or other bind-mount fails
* Create non-directories with safer permissions
* Allow mounting an non-directory over an existing non-directory
* Silence kernel messages for our bind-mounts
* Improve ability to bind-mount directories on case-insensitive filesystems
* Don\'t ask user which remote to download from if there is only one option
* Internal changes:
* Improve test coverage
* Spelling fixes
* Translation updates: Brazilian Portuguese, Russian, Spanish, Ukrainian
* Fri Jun 18 2021 Callum Farmer - Add now working CONFIG parameter to sysusers generator
* Fri Jun 18 2021 Paolo Stivanin - Update to version 1.11.2: + Bug fixes: - Fix logic error when migrating AppStream XML - Improve error-checking - Fix various memory and file descriptor leaks, in particular with flatpak-spawn --env=... - Fix fd confusion in flatpak-spawn --env=... --forward-fd=..., which caused \"Steam Linux Runtime\" containers to fail to start - Avoid a crash when looking up summary for a ref without an arch - Improve handling of refs belonging to more than one architecture, e.g. for cross-compilation - Don\'t abort uninstall if deploy metadata is missing - Don\'t fail transaction if searching for dependencies fails in one remote - Fix test failure when running tests as root - Improve error message for \'sudo flatpak run\' + Internal changes: - Improve printf format string validation - Improve test coverage - Reduce risk of accidentally hard-coding x86 in the tests
* Tue Apr 27 2021 Antonio Larrosa - Update to version 1.11.1: + New features: - All instances of the same app-ID share their /tmp directory - All instances of the same app-ID share their $XDG_RUNTIME_DIR - Instances of the same app-ID can optionally share their /dev/shm directory (enabled by a new --allow flag, - -allow=per-app-dev-shm) - Allow a subsandbox to have a different /usr and/or /app. - Steam will use this to launch games with its own container runtime as /usr (the \"Steam Linux Runtime\" mechanism). - enter: Improve support for TUI programs like gdb - build-update-repo: Add a higher-performance reimplementation of ostree prune specialized for archive-mode repositories + Bug fixes: - Fix deploys of local remotes in system-helper - Fix test failures on non-x86_64 systems - Fix two intermittent test failures - Make polkit queries non-interactive when operating in non-interactive mode - Use a local main-context when using libsoup in a thread - create-usb: Skip copying extra-data flatpaks - OCI: Switch to pax-format tar archives - history: Handle transaction log entries with empty REF field - portal: Fix flatpak-spawn --clear-env on OSs where flatpak is not on the fallback PATH, such as NixOS - Fix various issues detected by scan-build + Internal changes: - Use GNU bison to build parse-datetime.y - Add information about security support and security vulnerability reporting (see SECURITY.md) - Move all git submodules into subprojects/ directory - Several sockets are now created in /run/flatpak in the sandbox, with symbolic links in $XDG_RUNTIME_DIR
* Wed Mar 10 2021 Antonio Larrosa - Update to version 1.10.2: + This is a security update which fixes a potential attack where a flatpak application could use custom formated .desktop files to gain access to files on the host system. + Fix memory leaks + Some test fixes + Documentation updates + G_BEGIN/END_DECLS added to library headders for c++ use + Fix for X11 cookies on OpenSUSE + Spawn portal better handles non-utf8 filenames
* Thu Jan 28 2021 Antonio Larrosa - Flatpak only requires glib 2.44, not 2.60- Update ostree version required to 2020.8
* Sun Jan 24 2021 Andreas Stieger - Update to version 1.10.1: + Fix flatpak build on systems with setuid bwrap + Fix some compiler warnings + Fix crash on updating apps with no deploy data + Updated translations.- Remove deprecated texinfo packaging macros.- Switch to upstream release tarball.
* Fri Jan 15 2021 Bjørn Lie - Update to version 1.10.0: + The major new feature in this series compared to 1.8 is the support for the new repo format which should make updates faster and download less data. + The systemd generator snippets now call flatpak - -print-updated-env in place of a bunch of shell for better login performance. + The .profile snippets now disable GVfs when calling flatpak to avoid spawning a gvfs daemon when logging in via ssh. + Build fixes for GCC 11. + Flatpak now finds the pulseaudio sockets better in uncommon configurations. + Sandboxes with network access it now also has access to the systemd-resolved socket to do dns lookups. + Flatpak supports unsetting env vars in the sandbox using - -unset-env, and --env=FOO= now sets FOO to the empty string instead of unsetting it. + Similarly the spawn portal has an option to unset an env var. + The spawn portal now has an option to share the pid namespace with the sub-sandbox.
* Fri Jan 15 2021 Bjørn Lie - Update to version 1.8.5 (CVE-2021-21261): + This is a security update that fixes a sandbox escape where a malicious application can execute code outside the sandbox by controlling the environment of the \"flatpak run\" command when spawning a sub-sandbox (boo#1180996)
* Thu Jan 07 2021 Bjørn Lie - Update to version 1.8.4: + Fix support for ppc64.
* Wed Dec 30 2020 Frederic Crozat - Move flatpak-bisect and flatpak-coredumpctl to devel subpackage, allow to remove python3 dependency on main package.
* Tue Dec 15 2020 Martin Liška - Enable LTO (boo#1133124) as gobject-introspection works fine with LTO.
* Mon Nov 23 2020 Dominique Leuenberger - Update to version 1.8.3: + Fixed progress reporting for OCI and extra-data. + The in-memory summary cache is more efficient. + Fixed authentication getting stuck in a loop in some cases. + Fixed authentication error reporting. + We now extract OCI info for runtimes as well as apps. + Fixed crash if anonymous authentication fails and -y is specified. + flatpak info now only looks at the specified installation if one is specified. + Better error reporting for server HTTP errors during download. + Uninstall now removes applications before the runtime it depends on. + Fixed test-suite to pass with the latest OSTree version. + Fixed dbus environment variables in flatpak enter. + Avoid updating metadata from the remote when uninstalling. + Fixed error message handling in various places. + FlatpakTransaction now verifies all passed in refs to avoid. + potential issues with invalid names. + Updated translations.
* Sat Aug 22 2020 Bjørn Lie - Update to version 1.8.2: + Added validation of collection id settings for remotes. + Fix seccomp filters on s390. + Robustness fixes to the spawn portal. + Fix support for masking update in the system installation. + Better support for distros with uncommon models of merged /usr. + Cache responses from localed/AccountService. + Fix hangs in cases where xdg-dbus-proxy fails to start. + Fix double-free in cups socket detection. + OCI authenticator now doesn\'t ask for auth in case of http errors.
* Wed Aug 19 2020 Dominique Leuenberger - Fix invalid usage of %{_libexecdir} to reference systemd directories.
* Fri Jul 10 2020 Antonio Larrosa - Update to version 1.8.1:
* Avoid calling authenticator in update if ref didn\'t change
* Don\'t fail transaction if ref is already installed (after transaction start)
* Fix flatpak run handling of userns in the --device=all case
* Fix handling of extensions from different remotes
* Fix flatpak run --no-session-bus
* Updated translations- Update to version 1.8.0:
* FlatpakTransaction has a new signal \"install-authenticator\" which clients can handle to install authenticators needed for the transaction. This is done in the CLI commands.
* We now always expose the host timezone data, allowing us the expose the host /etc/localtime in a way that works better, fixing several apps that had timezone issues.
* Fix flatpak enter which didn\'t work in some cases.
* We now ship a systemd unit (not installed by default) to automatically detect plugged in usb sticks with sideload repos.
* By default we no longer install the gdm env.d file, as the systemd generators work better.
* create-usb now exports partial commits by default
* Fix handling of docker media types in oci remotes
* Fix subjects in remote-info --log output- Remove source file used to generate a flatpak user on the system since it\'s now included by upstream:
* system-user-flatpak.conf
* Tue Jul 07 2020 Callum Farmer - Fixes for %_libexecdir changing to /usr/libexec
* Thu Jun 25 2020 Bjørn Lie - Update to version 1.6.4: + This release backports some of the OCI authenticator fixes from the 1.7 series, and should now be able to host flatpak images on e.g. docker hub. + Other changes: - Fix a use-after free in libflatpak. - Don\'t list p2p downgrades in list of available updates.
* Tue Jun 16 2020 Yifan Jiang - Create a skeleton flatpak repo using \"flatpak remotes\" instead of a manually created directory (bsc#1172316, bsc#1169619, bsc#1170416).
* Mon May 18 2020 Yifan Jiang - When SLE uses GNOME desktop environment, GNOME Software is automatically started to provide key update features. During the startup, it setups flatpak repository so that related features can function properly. In a system environment of no flatpak repository has ever been setup before, this triggers \"org.freedesktop.Flatpak.modify-repo\" polkit action. Therefore in systems which use a restrictive security policy (eg. SLES) for the aforementioned policy action, a polkit authentication dialog will pop up without any user interaction for the first time login. This is not user friendly. This submission creates /var/lib/flatpak/repo at package installation to avoid such a confusing authentication pop-up, at nearly 0 cost of security compromise (bsc#1169619, bsc#1170416).
* Mon Apr 06 2020 Antonio Larrosa - Require bubblewrap 0.4.1
* Mon Apr 06 2020 Antonio Larrosa - Update to version 1.6.3: + The main change in this version is a fix for a regression in the progress calculation for applications using extra-data. Additionally the bundled version of bubblewrap is updated to 0.4.1 which fixes a security issue in some cases. See GHSA-j2qp-rvxj-43vj for details. + Don\'t break if users primary gid is not in the nsswitch database + Fix crash in flatpak repair if no remotes are configured + Some updates to the oci authenticator + Retry downloads of extra data + Updated translations.
* Sun Feb 16 2020 Bjørn Lie - Drop obsolete _servicedata file.
* Thu Feb 13 2020 Antonio Larrosa - Update to version 1.6.2: + Due to a combination of some behaviour in flatpak and recent versions of ostree we at some point lost the use of deltas for the initial install case, instead always falling back to a full ostree operation which is a lot less efficient for pulls with many small files like a runtime. This caused some very slow installs from e.g. flathub, so it\'s recommended to update to this version to get better install performance. + We now correctly handle TMPDIR env var overrides when bwrap is setuid + Disallow running \"flatpak run\" under sudo (as it doesn\'t work and causes issues) + Fix build with older versions of glib + Minor documentation updates + Updated translations.
* Thu Jan 30 2020 Antonio Larrosa - Update to version 1.6.1: + This is a (mild) security update. Flatpak 1.6.0 added the ability for an application to request it to be updated, as long as the new version doesn\'t require new permissions. Unfortunately in some special cases, if an app had access to the home directory, but not the rest of the filesystem it would still allow a self-update where the new version could access some files outside the home directory. + New permission --device=shm giving access to host /dev/shm, as needed for jack. + Generated correct download size in build-commit-from + sub-sandbox now allows the child to share the gpu of the caller has full device access + Fix crash with disabled remotes + Fix builds with older versions of glib + Updated translations.
* Sat Jan 25 2020 Dominique Leuenberger - No longer recommend -lang: supplements are in use
* Tue Jan 14 2020 Antonio Larrosa - Update dependencies required by flatpak 1.6.0 .- Require xdg-dbus-proxy instead of building the (outdated) builtin version.
* Mon Dec 30 2019 Dominique Leuenberger - Change %_prefix/lib to %_libexecdir: Makefile installs the file explicitly into libexecdir. Let\'s be ready in case this path is going to change.
* Fri Dec 27 2019 Dominique Leuenberger - Co-own /usr/lib/systemd/user-environment-generators. We don\'t want to forcibly pull in systemd into the buildroot just to own this directory.
* Fri Dec 20 2019 Bjørn Lie - Update to version 1.6.0: + This is the first stable release in the 1.6 series, main changes since 1.4 is the support for protected content and improvements in the self-sandboxing support. + There is one change in the support for OCI remotes, we now only support the use of labels, not annotations, as labels work with more registries. This means pre-existing OCI flatpak registries (like fedora) may need some changes. + New permissions --socket=cups for direct cups access. + Fix some leaks. + Fix reporting of progress with latest version of ostree. + New no-interaction flag for authenticators. + Support for auto-installing authenticators from a flatpak remote. + Warn less about unset XDG_DATA_DIRS. + Don\'t poll for updates in the portal when on a metered connection.- Modernize spec with current macros.
* Mon Nov 25 2019 Frederic Crozat - Package empty /etc/flatpak/remotes.d.
* Wed Nov 20 2019 Dominique Leuenberger - Add pkgconfig(libsystemd) BuildRequires (boo#1157126).- Drop systemd_requires: strictly speaking, we do not require systemd.
* Mon Oct 21 2019 Bjørn Lie - Update to version 1.4.3: + Fix crash in revokefs. + Handle \'versions\' extension key (in addition to \'version\') when checking for local extensions, which was causing us to uninstall some actually used extensions with uninstall - -unused. + The \'required-flatpak\' metadata key now supports listing multiple versions to support backported features. + Fix crash with older versions of polkit. + Fix installation of bundles. + Fix crash on deploy error. + Support building bundles of apps installed from a remote. + OCI: Fix handling of locally cached icons. + Fix crash when listing unconfigured remotes. + Ignore differences in trailing slashes for repo uris.
* Mon Jul 08 2019 Dominique Leuenberger - Add system-user-flatpak.conf: generate a flatpak user for the system helper (boo#1137537).
* Wed Jul 03 2019 Antonio Larrosa - Update to version 1.4.2:
* Support extra_data in extensions.
* Handle double slashes (\"//\") in XDG_DATA_DIRS.
* Fix detection of local related refs.- jsc#SLE-7171
* Fri Jun 14 2019 Antonio Larrosa - Add a _dbusconfigdir variable in the spec file so we install the flatpak-system-helper config file in a location actually read by dbus, which didn\'t support having config files in /usr/share until 1.9.18 (first introduced in SLE15).- Remove the systemd environment generator if building with systemd < 233 which doesn\'t support environment generators.- Rename the libflapak-doc.xml file which has a typo in the name upstream.- BuildRequire libgpgme-devel, not libqgpgme-devel which is not really needed.
* Thu Jun 13 2019 Bjørn Lie - Update to version 1.4.1: + There was an accidental ABI break in libflatpak in 1.4.0 compared to the 1.2.x ABI which caused crashes in apps like gnome-software. + This has been fixed in this release so it is now ABI compatible with 1.2.x, but NOT compatible with 1.4.0. It is recommended that all distributions that shipped 1.4.0 update to 1.4.1 and rebuild all dependencies of libflatpak. + Make ABI compatible with 1.2.x. + Fix some potential crashes. + Fix some corner case where it was impossible to remove a remote. + Restore support for file: uris in the RuntimeRepo key in flatpakref files. + Updated translations.
* Wed May 29 2019 Bjørn Lie - Update to version 1.4.0: + This is the new stable series, ending the 1.3.x series. The major changes since the 1.2.x is the improved I/O use for system-installed applications, and the new format for pre-configured remotes.
* Mon May 13 2019 Dominique Leuenberger - Replace systemd-gtk BuildRequires with pkgconfig(systemd): make the build cheaper by not having to wait for the \'real\' systemd package to have built, but allow to use systemd-mini. The change in the stack causing this was polkit dropping its hard dep on systemd.
* Sat May 11 2019 Bjørn Lie - Add systemd-gtk BuildRequires: Needed now after changes elsewhere in the stack.
* Wed Apr 24 2019 Martin Liška - Disable LTO (boo#1133124).
* Thu Mar 28 2019 Andrei Dziahel - Update to verson 1.2.4 (CVE-2019-10063): + It has been discovered that the previous fix for CVE-2017-5226, which uses seccomp to prevent sandboxed apps from using the (dangerous) TIOCSTI ioctl was only incomplete on 64bit arches. This is now fixed (boo#1130637, gh#flatpak/flatpak#2782). + seccomp: Only compare the low 32bit of the TIOCSTI ioctl args. + Support multiple nvidia cards on the machine + Fix support for systems where XDG_RUNTIME_DIR is /var/run which is a symlink like gentoo. + Fix potential crash when updating apps. + flatpak list --arch now works correctly again. + Updated translations.
* Wed Feb 13 2019 alarrosaAATTsuse.com- Update to version 1.2.3: + Don\'t expose /proc in apply_extra script sandbox. The CVE-2019-5736 runc vulnerability is about using /proc/self/exe to modify the host side binary from the sandbox. This mostly does not affect flatpak since the flatpak sandbox is not run with root permissions. However, there is one case (running the apply_extra script for system installs) where this happens, so this release contains a fix for that.- Update to version 1.2.2: + Reverted green checkbox as they caused table alignment issues + Fix a division by zero if the terminal reports a zero terminal width (which happens in the flathub build environment).- Update to version 1.2.1: + Ensure flatpak builds with older versions of glib and appstream-glib. + build-commit-from: Fix the new --extra-id option. + build-export: Allow disabling the sandboxing of the icon validator and do so during the tests. + profile: Don\'t break if debug logging is enabled. + Better handling of the appdata release attribute. + Don\'t install polkit agent when not needed, avoiding some unnecessary log lines in some cases. + Fix the output of the sandboxed icon validator not being visible. + builld-init: Allow specifying a full ref for the sdk, which is used to select the branch name when checking sdk extensions. + Make the ok checks in the output green
* Mon Jan 28 2019 bjorn.lieAATTgmail.com- Update to version 1.2.0: + Ensure DeployCollectionID works in flatpakrepo files in all cases. + Don\'t error out with empty installations in uninstall. + Add helper that validates icon files during export. + Don\'t allow root to modify the (non-root) per-user flatpak installation, as this risks causing problems later. + Remove some incorrect warnings from flatpak repair. + Allow multiple name segments after prefix when exporting files. + Allow specification of ellipsization in --colums options. + Handle dates as well as timestamps in appdata + Fixed a bug where flatpak remote-delete removed too many refs. + Now we use raw terminal mode during a transaction to a avoid problems with input during the operation causing problems with escape sequences. + Generate a fontconfig directory remapping snippet as will be needed for newer versions of fontconfig. + Support --extra-collection-id in build-commit-from to bind the commit to multiple collection ids. This is work in progress in ostree.- Add pkgconfig(dconf) BuildRequires: New dependency.
  
ICM