diff --git a/flatpak-1.15.4.tar.xz b/flatpak-1.15.4.tar.xz deleted file mode 100644 index 5f3ccda..0000000 --- a/flatpak-1.15.4.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:bef695d893d1e0239a68441d6b328edeb6d1e58a902c92f9278e94da914ab91f -size 1271428 diff --git a/flatpak-1.15.6.tar.xz b/flatpak-1.15.6.tar.xz new file mode 100644 index 0000000..60128a2 --- /dev/null +++ b/flatpak-1.15.6.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:8eb68189eb4850a34752feb29827cc2cc744c1981b8915e280ec1cf5bc387962 +size 1315036 diff --git a/flatpak.changes b/flatpak.changes index 2da74c0..6f937d0 100644 --- a/flatpak.changes +++ b/flatpak.changes @@ -1,3 +1,73 @@ +------------------------------------------------------------------- +Tue Nov 14 19:34:15 UTC 2023 - Bjørn Lie + +- Update to version 1.15.6: + + In distributions that compile Flatpak to use a separate + bubblewrap (bwrap) executable, version 0.8.0 is now required. + + Enabling the optional Wayland security context feature requires + libwayland-client, wayland-scanner >= 1.15 and + wayland-protocols >= 1.32. + + Add --device=input, for access to evdev devices in /dev/input + + Update bundled copy of bubblewrap to version 0.8.0, and rely on + its features: + + Improve error message if seccomp is disabled in kernel config + + Security hardening: set user namespace limit to 0, to prevent + creation of nested user namespaces in a more robust way + + For subsandboxes started by flatpak-portal, inherit + environment variables from the flatpak run that started the + original instance rather than from flatpak-portal, fixing + behaviour of FLATPAK_GL_DRIVERS and similar features + + Stop http transfers if a download in progress becomes very slow + + Make it easier to configure extra languages, by picking them up + from AccountsService if configured there + + Add new flatpak_transaction_add_rebase_and_uninstall() API, + allowing end-of-life apps to be replaced by their intended + replacement more reliably + + Create a private Wayland socket with the "security context" + extension if available, allowing the compositor to identify + connections from sandboxed apps as belonging to the sandbox + + Update libglnx to 2023-08-29 + + Use features of newer GLib versions if available + + Turn off system-level crash reporting infrastructure during + some unit tests that involve intentional assertion failures + + Add anchors to link to sections of flatpak-metadata + documentation + + Bug fixes: + - Avoid warnings processing symbolic links with GLib >= 2.77.0, + and with GLib 2.76.0 (GLib 2.76.1 or later silences these + warnings) + - Bypass page cache for backend requests in revokefs, fixing + installation errors with libostree 2023.4 + - Show AppStream metadata in flatpak remote-info as intended + - Don't let Flatpak apps inherit VK_DRIVER_FILES or + VK_ICD_FILENAMES from the host system, which would be wrong + for the sandbox + - Fix build failure with prereleases of libappstream 0.17.x + - Forward-compatibility with libappstream 1.0 + - Fix installation with Meson if configured with + -Dauto_sideloading=true + - Fix a memory leak + - Fix compiler warnings + - Make the tests fail more comprehensibly if a required tool is + missing + - Clean up /var/tmp/flatpak-cache-* directories on boot + - Don't force GIO_USE_VFS=local for programs launched via + flatpak-spawn + - Clarify documentation for D-Bus name ownership + + Internal changes: + - Split up large source files into smaller modules, reducing + internal circular dependencies + - Re-synchronize code backported from GLib with the version in + GLib + - Clarify documentation for D-Bus name ownership + - Make the flags used to apply "extra data" clearer + - Use glnx_opendirat() where possible + + Updated translations. +- Add pkgconfig(wayland-client), pkgconfig(wayland-scanner) and + pkgconfig(wayland-protocols) BuildRequires and pass + with-wayland-security-context=yes to configure: Enable the + optional Wayland security context. + ------------------------------------------------------------------- Wed Aug 2 20:23:29 UTC 2023 - Luciano Santos diff --git a/flatpak.spec b/flatpak.spec index 6ebba9b..b66d2fb 100644 --- a/flatpak.spec +++ b/flatpak.spec @@ -17,7 +17,7 @@ %define libname libflatpak0 -%define bubblewrap_version 0.5.0 +%define bubblewrap_version 0.8.0 %define ostree_version 2020.8 %define xdg_dbus_proxy_version 0.1.0 @@ -34,7 +34,7 @@ %define support_environment_generators 1 %endif Name: flatpak -Version: 1.15.4 +Version: 1.15.6 Release: 0 Summary: OSTree based application bundles management License: LGPL-2.1-or-later @@ -85,6 +85,9 @@ BuildRequires: pkgconfig(libzstd) >= 0.8.1 BuildRequires: pkgconfig(ostree-1) >= %{ostree_version} BuildRequires: pkgconfig(polkit-gobject-1) BuildRequires: pkgconfig(systemd) +BuildRequires: pkgconfig(wayland-client) >= 1.15 +BuildRequires: pkgconfig(wayland-protocols) >= 1.32 +BuildRequires: pkgconfig(wayland-scanner) >= 1.15 BuildRequires: pkgconfig(xau) Requires: %{libname} = %{version} Requires: bubblewrap >= %{bubblewrap_version} @@ -195,6 +198,7 @@ sed -i -e '1s,#!%{_bindir}/env python3,#!%{_bindir}/python3,' scripts/flatpak-* %endif --enable-documentation \ --enable-gtk-doc \ + --with-wayland-security-context=yes \ %{nil} %make_build %sysusers_generate_pre system-helper/flatpak.conf system-user-flatpak flatpak.conf @@ -252,6 +256,7 @@ if [ -e "%{_localstatedir}/lib/flatpak/repo" ] && [ -z "$(ls -A %{_localstatedir rm -r %{_localstatedir}/lib/flatpak/repo fi %{_bindir}/flatpak remotes 1> /dev/null +%tmpfiles_create %{_tmpfilesdir}/flatpak.conf %postun %service_del_postun flatpak-system-helper.service @@ -316,6 +321,7 @@ fi %{_userunitdir}/flatpak-oci-authenticator.service %{_datadir}/dbus-1/interfaces/org.freedesktop.Flatpak.Authenticator.xml %{_datadir}/dbus-1/services/org.flatpak.Authenticator.Oci.service +%{_tmpfilesdir}/flatpak.conf %files -n system-user-flatpak %license COPYING