-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Wed, 14 Aug 2024 18:19:22 BST
Source: bubblewrap
Architecture: source
Version: 0.8.0-2+deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: Utopia Maintenance Team <pkg-utopia-maintainers@lists.alioth.debian.org>
Changed-By: Simon McVittie <smcv@debian.org>
Changes:
 bubblewrap (0.8.0-2+deb12u1) bookworm-security; urgency=high
 .
   * d/gbp.conf: Use debian/bookworm packaging branch for Debian 12
   * d/p/Add-bind-fd-and-ro-bind-fd-to-let-you-bind-a-O_PATH-fd.patch:
     Backport new --[ro-]bind-fd feature from upstream release 0.10.0.
     This is necessary to resolve CVE-2024-42472 in Flatpak without
     introducing a potentially exploitable race condition.
Checksums-Sha256: 
 155ac8bc44bd578a628d76f5b826817d6d091fc82e900ed8158d9921f650a41c 2267 bubblewrap_0.8.0-2+deb12u1.dsc
 37917e8abdd6df1d1118f089e9cf1f9374e1b5bb21c8a70d7de4e9b5dfb10f6d 14828 bubblewrap_0.8.0-2+deb12u1.debian.tar.xz
 0a81e6c99614a6cde6a08f203633f4bb05ca9c76d419830fbf5243fdd28ea935 7173 bubblewrap_0.8.0-2+deb12u1_source.buildinfo
 957ad1149db9033db88e988b12bcebe349a445e1efc8a9b59ad2939a113d333a 149088 bubblewrap_0.8.0.orig.tar.xz
Checksums-Sha1: 
 0712f21a84b519043ae56763b99eefb401ca6a97 2267 bubblewrap_0.8.0-2+deb12u1.dsc
 6efb68ae45f0ba7e965cbf392fd2a73e69bdd6df 14828 bubblewrap_0.8.0-2+deb12u1.debian.tar.xz
 3b5bc833eb5fc238479506034c43fac2de5d3909 7173 bubblewrap_0.8.0-2+deb12u1_source.buildinfo
 d7476e68af117f16e69495bfbb129ef63fe579f7 149088 bubblewrap_0.8.0.orig.tar.xz
Files: 
 3a34635dc29d0c0c755e5d74aa215bbe 2267 admin optional bubblewrap_0.8.0-2+deb12u1.dsc
 70e038827a87f54756e5f40eb4a6e00d 14828 admin optional bubblewrap_0.8.0-2+deb12u1.debian.tar.xz
 0248e0d62318ef3c0491655b16d01442 7173 admin optional bubblewrap_0.8.0-2+deb12u1_source.buildinfo
 fc0e14bc26df76225e8f8cc2df9fb657 149088 admin optional bubblewrap_0.8.0.orig.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEENuxaZEik9e95vv6Y4FrhR4+BTE8FAma85yIACgkQ4FrhR4+B
TE8xow//fL3ytqzACAPlKCgtx9sy5lQKYYAjRREfZhQ8kc3iK9a95wVikUapGNnu
nTD87YvXWZH03LuHxIX+FxADrTJnpDUHwgUegeWpN2kvAAMM7RI0fN1RyNras5z/
FY3vCrQc6QRwcPVjKBfypKEcFZFZje6TG/q/FAwCeAp3Mv03AJJ5FFR0W4gfua9q
IGKHk6kIWRgrH8RZbHjGVc5ud4I75pPh5r+6M6wOZw0lkgn9pNMp53b/FQe293ES
Q/yR48MGBe9h6yLyUXaSHM37eK7RGe6168xWDzyEhNMLyDOpAaOJBi8oxPhWDF6O
CbeOKu5RCTmMcJX6dcLbLbnZHcZTICm65e5MmdL9XIAEGMZiFXGVHKB5hUMBnMqK
adt8ofZK8YV/EOfQFDn4D0QUHMH1FdNbXNwGe7aTsYHRKlzoLvRy7JO0054H0zBW
LeJ7V+4GW5Fm0NnJBqRKbPmWUETUK8OwthQHYRvUwmO2tay4gQ+mbD+Hqtxc/dQg
wkMd93H5/LiUTRLvGQLaDWVPuzJ6xfvlM4p9hSqFl+ef9TsUL/wV4d4xFFvgciLI
vKlLrem8zUyYC3Ag72M25f5DEdDKbnGqOv6Tw3QgTLERlklD77v2NOgn7b1m1rPG
orBbaUcc30Kadidu0NT/+PS1zVeLPwR97uNB3C+TfP+V69EpS/w=
=ojQz
-----END PGP SIGNATURE-----