Format: 1.8
Date: Wed, 17 Apr 2024 19:39:48 +0100
Source: flatpak
Binary: flatpak flatpak-dbgsym flatpak-tests flatpak-tests-dbgsym gir1.2-flatpak-1.0 libflatpak-dev libflatpak0 libflatpak0-dbgsym
Architecture: armhf
Version: 1.14.4-1+deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: arm Build Daemon (arm-conova-01)
Changed-By: Simon McVittie
Description:
 flatpak - Application deployment framework for desktop apps
 flatpak-tests - Application deployment framework for desktop apps (tests)
 gir1.2-flatpak-1.0 - Application deployment framework for desktop apps (introspection)
 libflatpak-dev - Application deployment framework for desktop apps (development)
 libflatpak0 - Application deployment framework for desktop apps (library)
Changes:
 flatpak (1.14.4-1+deb12u1) bookworm-security; urgency=high
 .
   * d/p/When-starting-non-static-command-using-bwrap-use.patch,
     d/p/test-run-Add-a-reproducer-for-CVE-2024-32462.patch:
     Don't allow an executable name to be misinterpreted as a command-line
     option for bwrap(1). This prevents a sandbox escape where a malicious
     or compromised app could ask xdg-desktop-portal to generate a .desktop
     file with access to files outside the sandbox.
     (CVE-2024-32462)
   * d/gbp.conf: Use debian/bookworm packaging branch