-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 14 Aug 2024 10:04:08 +0100 Source: bubblewrap Binary: bubblewrap bubblewrap-dbgsym Architecture: armhf Version: 0.8.0-2+deb12u1 Distribution: bookworm-security Urgency: high Maintainer: arm Build Daemon (arm-arm-04) Changed-By: Simon McVittie Description: bubblewrap - utility for unprivileged chroot and namespace manipulation Changes: bubblewrap (0.8.0-2+deb12u1) bookworm-security; urgency=high . * d/gbp.conf: Use debian/bookworm packaging branch for Debian 12 * d/p/Add-bind-fd-and-ro-bind-fd-to-let-you-bind-a-O_PATH-fd.patch: Backport new --[ro-]bind-fd feature from upstream release 0.10.0. This is necessary to resolve CVE-2024-42472 in Flatpak without introducing a potentially exploitable race condition. Checksums-Sha1: eb148b86dad82fce1e01a9f548a869c156276c98 75924 bubblewrap-dbgsym_0.8.0-2+deb12u1_armhf.deb 78aa12a5134bf4f05ea05d496cf48590af0a97b2 7334 bubblewrap_0.8.0-2+deb12u1_armhf-buildd.buildinfo 47a4097c1aab907374af1733296ba174441ea5b3 45020 bubblewrap_0.8.0-2+deb12u1_armhf.deb Checksums-Sha256: 8b630f8ddc12e149e289e8d335a03b12b313ec5d27e1b7d00594d7e38c6f2354 75924 bubblewrap-dbgsym_0.8.0-2+deb12u1_armhf.deb 474e0a525665c60ed996d7ebf4e2c3580aa17ea456b63740d2d81e4de211823d 7334 bubblewrap_0.8.0-2+deb12u1_armhf-buildd.buildinfo f84a01837499f96027fe846e22b65fa8ee238170c3ba68a15a175f0faa2bda8f 45020 bubblewrap_0.8.0-2+deb12u1_armhf.deb Files: 43f2d1c895ba4725b1e653b8d3d403fb 75924 debug optional bubblewrap-dbgsym_0.8.0-2+deb12u1_armhf.deb bae5453a61d56cac156ac33b1d0b380c 7334 admin optional bubblewrap_0.8.0-2+deb12u1_armhf-buildd.buildinfo a8550ce654439fcfd8b13c482e44b6d3 45020 admin optional bubblewrap_0.8.0-2+deb12u1_armhf.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEI50kmNpDqaVj/srT9SjIc4+ajYAFAma868kACgkQ9SjIc4+a jYBdew/9G76tYcbUIrGsluEgfKhPAf45T3UE1ghxRmL0BPdoqcxg16g78t1tLI0Q wF/Uk5dte5kStNG7pT6EB6lnhRAGUErH53DfsSC7zpWM5IahTtjNKY43Pt2D8ex8 /+sv3UIlL3MG6vO29KvxLz3WLHeg5BZ9+/U6H7kwwht4+0IsjESxRvJkmRpNZ2GA fC5gqLYj77pgr06bQdDWr4+gLczImv3owfYtLbP4388elsMIL1PqlAKjAEoXM7vd U0F7XgS+0oxcaBT89ktqZc5zw9grrmC1HOf40/uBRVyU+gIw8S0oIPN1sccLA6wf I+J0a01fLt3fcb7UfalytIcBgrI8JSHizQGvfiaIh+MluzoCjJ6XtOL/d049YMLf ifKv6XYjV63deF/krqfcebdP+dK4o6GxRbE7Ui3HrQqjPG7jthHVbCdbyzq4rjVu uqh3hmC7csImgdeqyYT9+i8QLoBvCce8GXs4muhrGHLSf4eO4SzPfLiaFgwNxsMO SBsUH1h+mn5wxuGBAB+qRKqiSYB7oUU1NVn72lhoANb+Cc+wpo0YFbzS6b6xOrAO PJI+jt5dEM9Yyl/K/BZujcLdrsk9wCjMRfYBxM8RPjb40E5g6VzFdb1B+z+UMy3g 9nF9Q6zpDEjqi35RV3cgFrr/7Z4nyBE5PUY2thTcBQmZAxRHwag= =c7Zp -----END PGP SIGNATURE-----