From 1f7ca4c66a37fe3a67659a1e8fc164b768d18558b27c3054d8b0781a8ed4d8a2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bj=C3=B8rn=20Lie?=
Date: Thu, 28 Mar 2019 13:30:48 +0000
Subject: [PATCH 1/2] Accepting request 689356 from home:develop7:branches:GNOME:Factory - Update to verson 1.2.4 This release fixes CVE-2019-10063. It has been discovered that the previous fix for CVE-2017-5226, which uses seccomp to prevent sandboxed apps from using the (dangerous) TIOCSTI ioctl was only incomplete on 64bit arches. This is now fixed. + seccomp: Only compare the low 32bit of the TIOCSTI ioctl args. + Support multiple nvidia cards on the machine + Fix support for systems where XDG_RUNTIME_DIR is /var/run which is a symlink like gentoo. + Fix potential crash when updating apps. + flatpak list --arch now works correctly again. + Update translations OBS-URL: https://build.opensuse.org/request/show/689356 OBS-URL: https://build.opensuse.org/package/show/GNOME:Factory/flatpak?expand=0&rev=71
---
_service | 2 +-
_servicedata | 2 +-
flatpak-1.2.3.tar.xz | 3 ---
flatpak-1.2.4.tar.xz | 3 +++
flatpak.changes | 19 +++++++++++++++++++
flatpak.spec | 2 +-
6 files changed, 25 insertions(+), 6 deletions(-)
delete mode 100644 flatpak-1.2.3.tar.xz
create mode 100644 flatpak-1.2.4.tar.xz
diff --git a/_service b/_service
index 3eb9367..d96d73d 100644
--- a/_service
+++ b/_service
@@ -4,7 +4,7 @@ git @PARENT_TAG@ enable - refs/tags/1.2.3 + refs/tags/1.2.4 *.tar
diff --git a/_servicedata b/_servicedata
index 39ac01b..0dc2196 100644
--- a/_servicedata
+++ b/_servicedata
@@ -1,4 +1,4 @@ https://github.com/flatpak/flatpak.git - 428c7bf8566d1cdb9f5eafccde1a19a41aeab144 \ No newline at end of file + 2bfa0060b089a20de5fbf18d018f8f1b108d2480
diff --git a/flatpak-1.2.3.tar.xz b/flatpak-1.2.3.tar.xz
deleted file mode 100644
index 672b008..0000000
--- a/flatpak-1.2.3.tar.xz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:50201d99a77bb1968971ee96bf543b656d50024fad6d9251070b47316cfae2f0
-size 799440
diff --git a/flatpak-1.2.4.tar.xz b/flatpak-1.2.4.tar.xz
new file mode 100644
index 0000000..50f6dc9
--- /dev/null
+++ b/flatpak-1.2.4.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:cc09fc42e84955cecd6e5812b2159bd84bb0ab10425c4df6b5228e9a410d048c
+size 799924
diff --git a/flatpak.changes b/flatpak.changes
index f59895a..856562f 100644
--- a/flatpak.changes
+++ b/flatpak.changes
@@ -1,3 +1,22 @@ +------------------------------------------------------------------- +Thu Mar 28 13:05:50 UTC 2019 - Andrei Dziahel + +- Update to verson 1.2.4 + + This release fixes CVE-2019-10063. + + It has been discovered that the previous fix for CVE-2017-5226, which uses + seccomp to prevent sandboxed apps from using the (dangerous) TIOCSTI ioctl + was only incomplete on 64bit arches. This is now fixed. + + + seccomp: Only compare the low 32bit of the TIOCSTI ioctl args. + + Support multiple nvidia cards on the machine + + Fix support for systems where XDG_RUNTIME_DIR is /var/run which is a + symlink like gentoo. + + Fix potential crash when updating apps. + + flatpak list --arch now works correctly again. + + Update translations + ------------------------------------------------------------------- Wed Feb 13 08:06:06 UTC 2019 - alarrosa@suse.com
diff --git a/flatpak.spec b/flatpak.spec
index d954057..8897eee 100644
--- a/flatpak.spec
+++ b/flatpak.spec
@@ -18,7 +18,7 @@ %define libname libflatpak0 Name: flatpak -Version: 1.2.3 +Version: 1.2.4 Release: 0 Summary: OSTree based application bundles management License: LGPL-2.1-or-later
From 9eb7bf8d6652a85a151383512c46242241cb1855f25ac24e2076727eb83ed416 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bj=C3=B8rn=20Lie?=
Date: Thu, 28 Mar 2019 13:33:17 +0000
Subject: [PATCH 2/2] Tweak .changes OBS-URL: https://build.opensuse.org/package/show/GNOME:Factory/flatpak?expand=0&rev=72
---
flatpak.changes | 19 ++++++++-----------
1 file changed, 8 insertions(+), 11 deletions(-)
diff --git a/flatpak.changes b/flatpak.changes
index 856562f..835dcae 100644
--- a/flatpak.changes
+++ b/flatpak.changes
@@ -1,21 +1,18 @@ ------------------------------------------------------------------- Thu Mar 28 13:05:50 UTC 2019 - Andrei Dziahel -- Update to verson 1.2.4 - - This release fixes CVE-2019-10063. - - It has been discovered that the previous fix for CVE-2017-5226, which uses - seccomp to prevent sandboxed apps from using the (dangerous) TIOCSTI ioctl - was only incomplete on 64bit arches. This is now fixed. - +- Update to verson 1.2.4 (CVE-2019-10063): + + It has been discovered that the previous fix for CVE-2017-5226, + which uses seccomp to prevent sandboxed apps from using the + (dangerous) TIOCSTI ioctl was only incomplete on 64bit arches. + This is now fixed. + seccomp: Only compare the low 32bit of the TIOCSTI ioctl args. + Support multiple nvidia cards on the machine - + Fix support for systems where XDG_RUNTIME_DIR is /var/run which is a - symlink like gentoo. + + Fix support for systems where XDG_RUNTIME_DIR is /var/run which + is a symlink like gentoo. + Fix potential crash when updating apps. + flatpak list --arch now works correctly again. - + Update translations + + Updated translations. ------------------------------------------------------------------- Wed Feb 13 08:06:06 UTC 2019 - alarrosa@suse.com