Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package flatpak for openSUSE:Factory checked in at 2022-01-21 01:25:22 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/flatpak (Old) and /work/SRC/openSUSE:Factory/.flatpak.new.1938 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "flatpak" Fri Jan 21 01:25:22 2022 rev:65 rq:947481 version:1.12.4 Changes: -------- --- /work/SRC/openSUSE:Factory/flatpak/flatpak.changes 2022-01-14 23:13:40.178648384 +0100 +++ /work/SRC/openSUSE:Factory/.flatpak.new.1938/flatpak.changes 2022-01-21 01:25:47.990431022 +0100 @@ -1,0 +2,13 @@ +Tue Jan 18 20:52:06 UTC 2022 - Andreas Stieger <andreas.stie...@gmx.de> + +- Update to 1.12.4: + + reverting non-backwards-compatible behaviour changes in the + solution previously chosen for CVE-2022-21682 (boo#1194611) + Fix will be in flatpak-builder 1.2.2. + + Clarify documentation of --nofilesystem + + Improve unit test coverage around --filesystem and + --nofilesystem + + Restore compatibility with older appstream-glib versions, + fixing a regression in 1.12.3 + +------------------------------------------------------------------- @@ -8,3 +21,3 @@ - + flatpak-builder could allow --mirror-screenshots-url commands - to create directories outside of the build directory - (boo#1194611) + + CVE-2022-21682: flatpak-builder could allow + --mirror-screenshots-url commands to create directories outside + of the build directory (boo#1194611) Old: ---- flatpak-1.12.3.tar.xz New: ---- flatpak-1.12.4.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ flatpak.spec ++++++ --- /var/tmp/diff_new_pack.lVHGCq/_old 2022-01-21 01:25:48.538427266 +0100 +++ /var/tmp/diff_new_pack.lVHGCq/_new 2022-01-21 01:25:48.542427238 +0100 @@ -30,7 +30,7 @@ %define support_environment_generators 1 %endif Name: flatpak -Version: 1.12.3 +Version: 1.12.4 Release: 0 Summary: OSTree based application bundles management License: LGPL-2.1-or-later ++++++ flatpak-1.12.3.tar.xz -> flatpak-1.12.4.tar.xz ++++++ ++++ 32613 lines of diff (skipped)