-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 14 Aug 2024 10:04:08 +0100 Source: bubblewrap Binary: bubblewrap bubblewrap-dbgsym Architecture: ppc64el Version: 0.8.0-2+deb12u1 Distribution: bookworm-security Urgency: high Maintainer: ppc64el Build Daemon (ppc64el-osuosl-01) Changed-By: Simon McVittie Description: bubblewrap - utility for unprivileged chroot and namespace manipulation Changes: bubblewrap (0.8.0-2+deb12u1) bookworm-security; urgency=high . * d/gbp.conf: Use debian/bookworm packaging branch for Debian 12 * d/p/Add-bind-fd-and-ro-bind-fd-to-let-you-bind-a-O_PATH-fd.patch: Backport new --[ro-]bind-fd feature from upstream release 0.10.0. This is necessary to resolve CVE-2024-42472 in Flatpak without introducing a potentially exploitable race condition. Checksums-Sha1: 39cf1fe3decb126f089f3c5ffc89653ce09f9172 77096 bubblewrap-dbgsym_0.8.0-2+deb12u1_ppc64el.deb a5a28a4c32c24fbbf08cd3aa988a79b28a046d46 7455 bubblewrap_0.8.0-2+deb12u1_ppc64el-buildd.buildinfo 72518b3a1fd3ca1c8baf982f3cd1865e6c1ee2de 49260 bubblewrap_0.8.0-2+deb12u1_ppc64el.deb Checksums-Sha256: fc17baa194c3238aa7ac2a1c03850ffef4c3cfbe002b6358ae1f540babcab36c 77096 bubblewrap-dbgsym_0.8.0-2+deb12u1_ppc64el.deb d7d887d15acafab598ee25983cec12ca7d3ad20f0d0ad9d34dfc6c6259f92704 7455 bubblewrap_0.8.0-2+deb12u1_ppc64el-buildd.buildinfo 0a020f9169d6ec2b20fa6ab5cd2e4de9245c06782f855223d6dc4155a1e94870 49260 bubblewrap_0.8.0-2+deb12u1_ppc64el.deb Files: 7eeaf57eafde81b1efe7c22087f504a8 77096 debug optional bubblewrap-dbgsym_0.8.0-2+deb12u1_ppc64el.deb 922bf895ba0eab8ddc2e069e74c0783a 7455 admin optional bubblewrap_0.8.0-2+deb12u1_ppc64el-buildd.buildinfo 6b91b482fc1d617cc922076835353fd9 49260 admin optional bubblewrap_0.8.0-2+deb12u1_ppc64el.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE5v3ycPFoB5xoBEprvMjydu+xvRMFAma867kACgkQvMjydu+x vROywBAAhBRxXN4xJvAV24PySV8Asn7shpUT/XKcDKGZqN+mdRp+yq15vV7382WC ClMqv4t0MgqjcS46dF2xmrqkQOc3zhNMQgoI1D2n/OEBlJ7B5qPzMX/obpo2QLBI RcfYUjKMxYGr8blYP2ikD0jbyg0rNefuGlTNf0E13BOrJWRpqX0f3RQPMLTBrPxu 6+HMsB4pfQyACNhh9yoHAPhQtTdXaWEqrRDvTu0L26Af5tMe1j2snFs7kjq5u6Sg Nr0MZLhpDrQCT90D1bGnio+BWAoqRkiCxdp/Yt9CaCeqfP4vD7A4m4Wwdp+N1mLD JGfoNWudaF4Y/yxmDhY7ipPOQxA42Aj4NoMGk8eULpY1jY11oIo4j6Toz+MOCPD8 PsR3ttJSmfh26WpS4b8q+1gpJ2xabLhFYp59KR5f/wPOJGSVqA7hN4CAjFdB9s5+ xTBv4WeptunI/hrVkhZHN4vcTDH27bn4zj0JzpGh5rUBkzzSpfFUJ6+G9s5sO45u bjoeFs/8aeUMTXcI2wafM8J+WFJvsPLx8Qpl6VnsBpK18vHxEWgUxkek9y5PpNLQ /iNqtFleY6nBUh2RL5qSnh5Wq/j+gpQDHIrkf7e+ynmLcyhiFe1zRJEeoAcCKwCq 6IqemXVgmEjr346BW08t3Y6afMTBkVrMZCI8LmGLWTzLeN44k90= =V3Ee -----END PGP SIGNATURE-----