Your message dated Mon, 24 Nov 2025 03:43:05 +0000
with message-id <[email protected]>
and subject line Bug#1064259: fixed in nautilus 49.2-1
has caused the Debian Bug report #1064259,
regarding Remove spurious Depends: bubblewrap (it moved to libgnome-desktop-*)
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1064259: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064259
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: nautilus
Version: 43.2-1
Severity: minor
Right now nautilus has Depends: bubblewrap, but it doesn't actually use
bubblewrap.
https://salsa.debian.org/search?search=bubblewrap&nav_source=navbar&project_id=5329&group_id=2002&search_code=true&repository_ref=debian%2Flatest
This happened because nautilus used to contain an embedded copy of
libgnome-desktop.
That was fixed, but the bubblewrap dependency was not removed.
https://salsa.debian.org/gnome-team/nautilus/-/commit/673c81cf9f1d68b71041220e6e44624dee44dbfc
(libgnome-desktop embedded, bwrap required)
https://salsa.debian.org/gnome-team/nautilus/-/commit/4eb2d8705b7f799a16046b316a16ebde3af8dd0e
(bwrap dependency documented)
https://salsa.debian.org/gnome-team/nautilus/-/commit/3862cf798039ccf3cb57d39400288314f04db25c
(libgnome-desktop not embedded anymore, bwrap not directly required)
"libgnome-desktop* Depends: bubblewrap" provide this dependency already where
it is still needed.
https://salsa.debian.org/search?search=bubblewrap&nav_source=navbar&project_id=5207&group_id=2002&search_code=true&repository_ref=debian%2Flatest
Boring context:
1. Can I use bwrap to harden XFCE's tumbler against the next
https://security-tracker.debian.org/tracker/CVE-2023-4863 ?
2. Oh, nautilus Depends: bubblewrap directly.
It's probably something simple (and steal-able!) like
nautilus.desktop: TryExec=nautilus
nautilus.desktop: Exec=bwrap ⋯ nautilus
3. Waitaminute, this isn't using bubblewrap *at all*?! >Confused<
-- System Information:
Debian Release: 12.5
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500,
'proposed-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 6.5.0-0.deb12.4-amd64 (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE,
TAINT_UNSIGNED_MODULE
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages nautilus depends on:
ii bubblewrap 0.8.0-2
ii desktop-file-utils 0.26-1
ii gsettings-desktop-schemas 43.0-1
ii gvfs 1.50.3-1
ii libadwaita-1-0 1.2.2-1
ii libc6 2.36-9+deb12u4
ii libcairo2 1.16.0-7
ii libcloudproviders0 0.3.1-2
ii libgdk-pixbuf-2.0-0 2.42.10+dfsg-1+b1
ii libgexiv2-2 0.14.0-1+b1
ii libglib2.0-0 2.74.6-2
ii libglib2.0-data 2.74.6-2
ii libgnome-autoar-0-0 0.4.3-1
ii libgnome-desktop-4-2 43.2-2
ii libgstreamer-plugins-base1.0-0 1.22.0-3+deb12u1
ii libgstreamer1.0-0 1.22.0-2
ii libgtk-4-1 4.8.3+ds-2+deb12u1
ii libnautilus-extension4 43.2-1
ii libpango-1.0-0 1.50.12+ds-1
ii libportal-gtk4-1 0.6-4
ii libportal1 0.6-4
ii libselinux1 3.4-1+b6
ii libtracker-sparql-3.0-0 3.4.2-1
ii nautilus-data 43.2-1
ii shared-mime-info 2.2-1
ii tracker 3.4.2-1
ii tracker-extract 3.4.3-1
ii tracker-miner-fs 3.4.3-1
Versions of packages nautilus recommends:
ii gnome-sushi 43.0-2
ii gvfs-backends 1.50.3-1
ii libgdk-pixbuf2.0-bin 2.42.10+dfsg-1+b1
ii librsvg2-common 2.54.7+dfsg-1~deb12u1
Versions of packages nautilus suggests:
ii eog 43.2-1
ii evince [pdf-viewer] 43.1-2+b1
pn nautilus-extension-brasero <none>
pn nautilus-sendto <none>
ii totem 43.0-2
ii vlc [mp3-decoder] 3.0.20-0+deb12u1
ii xdg-user-dirs 0.18-1
ii xpdf [pdf-viewer] 3.04+git20220601-1+b2
-- no debconf information
--- End Message ---
--- Begin Message ---
Source: nautilus
Source-Version: 49.2-1
Done: Jeremy Bícha <[email protected]>
We believe that the bug you reported is fixed in the latest version of
nautilus, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Jeremy Bícha <[email protected]> (supplier of updated nautilus package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 23 Nov 2025 19:52:36 -0500
Source: nautilus
Built-For-Profiles: noudeb
Architecture: source
Version: 49.2-1
Distribution: unstable
Urgency: medium
Maintainer: Debian GNOME Maintainers
<[email protected]>
Changed-By: Jeremy Bícha <[email protected]>
Closes: 1064259
Changes:
nautilus (49.2-1) unstable; urgency=medium
.
[ Jeremy Bícha ]
* New upstream release
* Remove direct Depends: bubblewrap (Closes: #1064259)
* Remove home patch: applied in new release
.
[ Alessandro Astone ]
* debian/control: Add build dependency on libicu
* debian/control: Bump tracker-sparql-3.0 minimum version
Checksums-Sha1:
ce2d8ec5f3e6eba95ae107e53ddce2d6cf56032c 3031 nautilus_49.2-1.dsc
9a76a92b999df96c913e8f48b80269e14dc8600b 3324964 nautilus_49.2.orig.tar.xz
328acc561ede617f328bbe73b6942d42aa30c1b3 29660 nautilus_49.2-1.debian.tar.xz
38f1a6d23f5b334d11dda488c4ce1d95d085b68e 20857 nautilus_49.2-1_source.buildinfo
Checksums-Sha256:
1133da81755078871d2273958478818b7c6c03827420615c9a6304991d4e4cfc 3031
nautilus_49.2-1.dsc
2576b34bed2781a89f09051ec9fcae3ae17eb7172cd7be678f592aa14e4c26b1 3324964
nautilus_49.2.orig.tar.xz
f0b99b277d635a7ce8613c31316dd83ad7bde349455cb9ae7d7686dd6b282d21 29660
nautilus_49.2-1.debian.tar.xz
d9bc499052ed67d66501a5902236e3662c40b4f53c642bd23527fef1b61b6eda 20857
nautilus_49.2-1_source.buildinfo
Files:
6db4198db4e7e08852aab3010062c342 3031 gnome optional nautilus_49.2-1.dsc
200055d0981fccbd85cf1b5d67810b3b 3324964 gnome optional
nautilus_49.2.orig.tar.xz
fb69441c303566f5994184c8f02c59c7 29660 gnome optional
nautilus_49.2-1.debian.tar.xz
b608c9f1477f727751f58d7c4a7eb1b5 20857 gnome optional
nautilus_49.2-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEETQvhLw5HdtiqzpaW5mx3Wuv+bH0FAmkjrG0ACgkQ5mx3Wuv+
bH1QnQ/+Pfu6m5ZyFzmVQVMkg7Cj302TWiLU1AxfMm+xB18NiTYck45bhgfkTLUw
cW8O2E/95etReyfGqHNVS+MSV7hTdRgad09k6No3abNXsVrlrB3+/XtvldfAZYor
ZY0Cf2K/CzIbG/pSlTx1uXjmjdiJC/jFBa7RrRE85ztQmO19aCywk/vEUkGQTfiv
XB+sYqsRQ6hS2mcn5+5R/PBE/zIgGqjLCxspdNzD8oDVXeeaA6DERbMPLIF8BoG6
xVmVRoHBv7Ip9PQqRYzs4PD25mog4rXtc8xMnFV/TP4iXw5bzCVlN1plBnk1JwDc
VCdLL3FK/Y1T3tSJRcB8vY2Yng88fnM9Oy4r7PSAFxcsQVaEOKDKPeD4hcpLwLqc
2PevYzp8+ICcj4bfOcOPe9O5jJt31pJSoQUwdP2tCYYNU4DEuKFvSClasIEaWHnY
SOxbYz2rC/psESLbG/v4d8EjEccMOmHbXFLjCAIyZQd+GO2bXDXhoWnn+WQs02p+
Veou/HnUOj5afJPc4nkp/irbCCUNsUYKrBi0oaEERaXc9Rtxmqz1I3mtzf09zpjx
y5DumqdrszkcW4fJiqIbf6gIie69tnSr7y9huDzhE+8WeaoSFQjlafCa6eyN+YVz
OzK6utE0kYv/H8BhHX77tDiaZx93W+c7B1GrO84Ez+4Xp+RZnuc=
=jhe/
-----END PGP SIGNATURE-----
pgpyV3czWYjZE.pgp
Description: PGP signature
--- End Message ---
