-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 14 Aug 2024 10:04:08 +0100
Source: bubblewrap
Binary: bubblewrap bubblewrap-dbgsym
Architecture: i386
Version: 0.8.0-2+deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: amd64 / i386 Build Daemon (x86-ubc-01) <buildd_amd64-x86-ubc-01@buildd.debian.org>
Changed-By: Simon McVittie <smcv@debian.org>
Description:
 bubblewrap - utility for unprivileged chroot and namespace manipulation
Changes:
 bubblewrap (0.8.0-2+deb12u1) bookworm-security; urgency=high
 .
   * d/gbp.conf: Use debian/bookworm packaging branch for Debian 12
   * d/p/Add-bind-fd-and-ro-bind-fd-to-let-you-bind-a-O_PATH-fd.patch:
     Backport new --[ro-]bind-fd feature from upstream release 0.10.0.
     This is necessary to resolve CVE-2024-42472 in Flatpak without
     introducing a potentially exploitable race condition.
Checksums-Sha1:
 8f95fc36b6053b714af16767ddedfdbd4e520d15 71852 bubblewrap-dbgsym_0.8.0-2+deb12u1_i386.deb
 22d3ea4515a026d617a04cee1e3ab1500fa778bd 7399 bubblewrap_0.8.0-2+deb12u1_i386-buildd.buildinfo
 fb9ad1abcc11f6b709e8a453bfa3cb3b1d14245a 48784 bubblewrap_0.8.0-2+deb12u1_i386.deb
Checksums-Sha256:
 79050e8a2af13adbd234703ea25e5054e9e365dfd18406fdd44dcf08545923c6 71852 bubblewrap-dbgsym_0.8.0-2+deb12u1_i386.deb
 e5c50076463565cfafa525d08c6b02e8b219c64462880ec2407596f7190a6290 7399 bubblewrap_0.8.0-2+deb12u1_i386-buildd.buildinfo
 962aa6e0d04882e6695a2ddaf29f5c8666a72cc448c0896c8e137e1bf612686a 48784 bubblewrap_0.8.0-2+deb12u1_i386.deb
Files:
 a4d5f879732b162343a5e471e359ae0e 71852 debug optional bubblewrap-dbgsym_0.8.0-2+deb12u1_i386.deb
 4c0fe19ce09b61855edb66837de97406 7399 admin optional bubblewrap_0.8.0-2+deb12u1_i386-buildd.buildinfo
 571a2a8a2f0876003b87091fe9aa2265 48784 admin optional bubblewrap_0.8.0-2+deb12u1_i386.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE4Unr4QHS5Yi4rr9Q3KGKEAtjIVgFAma86/sACgkQ3KGKEAtj
IVhXzg/+JozrJKq+5vFXLODHNGNu7DtvercgBljCxAZgm4mt+jwJJ2Y3lsBmZdy5
N/OEsP62Ua3TEC5lTccd98QlsASQHjjbyQwzlK4PAuxk2uqK3+RfwXekjj0+tNj3
ccIFZ/rS6fWz+11RX784DFWg4mTwo2RNNBK535PRuMqof+WhYu6fImUSgjBkBZC7
TtJQbxV5N8D1Y6d0FCRt20+QM/zyavCNplRuyoIchrg+yj2HBeTlPrJ6gp1cACaj
fGLoqiG3cjDwUgHyBQ7MvLoNRmI8Tvz528ARq1QGUVcI9PXK6ZQB3CDqPPDN+u0c
echO2zbd2f5pau+UQWaPU049fK+51c9gHhUYSz3288uzUdw0jIHI9e5LLa/kFb1b
AVFvZknAgMDFgg+5JUwnKijQUMuD1+Y7RYT6cpJZbZETujXDt/rn7YkkhKw/yWIa
RyT71R18Ha8WwEG84cgx2+kDi5RiCAp7sTxiPhelK7w0MvK5X3LxNps8iHvVkv06
0fcQnfGH5QHDYP9fNPeQqj81aku/pClKt/slaBARyrY0l44QFhr1v9iYWsbJJJ6I
5bE0o3G5uVyVPDQY+WpCwN6+nTlbDcsQJqdllM8vl5/zU+euE6yKrBrdFzpmPcNC
/kw7iRfYZi99NcnP4ZfLjIax1lsB0hljktxDi9A6eTn0sz2IBzA=
=AXVy
-----END PGP SIGNATURE-----