Accepting request 1193998 from Virtualization:containers

OBS-URL: https://build.opensuse.org/request/show/1193998 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/bubblewrap?expand=0&rev=18
2024-08-16 10:22:52 +00:00 · 2024-08-16 10:22:52 +00:00 · 8516cb2c92
commit 8516cb2c92
parent 341d1d8c7a dd8761415a
4 changed files with 15 additions and 4 deletions
--- a/bubblewrap-0.10.0.tar.xz
+++ b/bubblewrap-0.10.0.tar.xz
--- a/bubblewrap-0.9.0.tar.xz
+++ b/bubblewrap-0.9.0.tar.xz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:c6347eaced49ac0141996f46bba3b089e5e6ea4408bc1c43bab9f2d05dd094e1
-size 118984
--- a/bubblewrap.changes
+++ b/bubblewrap.changes
@ -1,3 +1,14 @@
+-------------------------------------------------------------------
+Wed Aug 14 17:02:31 UTC 2024 - Bjørn Lie <bjorn.lie@gmail.com>
+
+- Update to version v0.10.0:
+  * New features: Add the --[ro-]bind-fd option, which can be used
+    to mount a filesystem represented by a file descriptor without
+    time-of-check/time-of-use attacks. This is needed when
+    resolving CVE-2024-42472 in Flatpak.
+  * Other changes: Fix some confusing syntax in SetupOpFlag (no
+    functional change).
+
 -------------------------------------------------------------------
 Tue Apr  2 12:14:33 UTC 2024 - Wolfgang Frisch <wolfgang.frisch@suse.com>

--- a/bubblewrap.spec
+++ b/bubblewrap.spec
@ -17,7 +17,7 @@


 Name:           bubblewrap
-Version:        0.9.0
+Version:        0.10.0
 Release:        0
 Summary:        Core execution tool for unprivileged containers
 License:        LGPL-2.0-or-later