-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 14 Aug 2024 10:04:08 +0100 Source: bubblewrap Binary: bubblewrap bubblewrap-dbgsym Architecture: arm64 Version: 0.8.0-2+deb12u1 Distribution: bookworm-security Urgency: high Maintainer: arm Build Daemon (arm-ubc-01) Changed-By: Simon McVittie Description: bubblewrap - utility for unprivileged chroot and namespace manipulation Changes: bubblewrap (0.8.0-2+deb12u1) bookworm-security; urgency=high . * d/gbp.conf: Use debian/bookworm packaging branch for Debian 12 * d/p/Add-bind-fd-and-ro-bind-fd-to-let-you-bind-a-O_PATH-fd.patch: Backport new --[ro-]bind-fd feature from upstream release 0.10.0. This is necessary to resolve CVE-2024-42472 in Flatpak without introducing a potentially exploitable race condition. Checksums-Sha1: 24b084d9c6d3fa294d982f34ba0b3b29bc37cdc2 76400 bubblewrap-dbgsym_0.8.0-2+deb12u1_arm64.deb d1de2d32e449fd1f2e67033a28696d9fd6098999 7458 bubblewrap_0.8.0-2+deb12u1_arm64-buildd.buildinfo 681d2a625f0173d458920ebdb2e113d20bcf0693 45160 bubblewrap_0.8.0-2+deb12u1_arm64.deb Checksums-Sha256: adb4bdb132d26d21c7b180d53b05264d084221c6fcb5bd29f5430e839e3cc94a 76400 bubblewrap-dbgsym_0.8.0-2+deb12u1_arm64.deb 23958f64fb20cf10d946dd1f74db11c3877a5dcdf2a5f4a489b201e612892dae 7458 bubblewrap_0.8.0-2+deb12u1_arm64-buildd.buildinfo d044ba1d7961d835669035fcd1e11121f1dc960a1a2e1c6489a93ea44e083557 45160 bubblewrap_0.8.0-2+deb12u1_arm64.deb Files: 13c4cb579914f1e85a396d2a7536861e 76400 debug optional bubblewrap-dbgsym_0.8.0-2+deb12u1_arm64.deb 4fdf1a4fafe2228eb70304d5d14986bb 7458 admin optional bubblewrap_0.8.0-2+deb12u1_arm64-buildd.buildinfo 1f53d5b779e0d5727a6de044c9507111 45160 admin optional bubblewrap_0.8.0-2+deb12u1_arm64.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEH43oX1cK+BEEs9Pe/9j0ct/+ZwwFAma87A0ACgkQ/9j0ct/+ ZwzpaRAAgBuXWfauyChenG4z7J+ZW4ECdGpuHZJHKTkGz+qVMBJpzE8SvK79LqdA H9vEPunHb+bu0l54S7ahArLjgqhy9O28D/DqWi71O/5CGo+jrT7ojoe0UyU445ug 1p2UxU3Bo+daUrMJpiRDwbbDcQoByAF3LuqoKWrfT2Pg6Grjd/c3j17Hac/bGHFY H5vniz3S3qKbbpRgBK3dWanATIIQJ/pH7tyv5kn5AaC9hvhlEIVG7IByKI6VzmpC 0e90nzrkfhyRmCwPsMD10AK3NIIcBVQ0KhLGbAPlQ/0F0HjMUtpGEKOqEt+6m8Mm e2mU6P4HbVimG2sLIHsCmxjRQvNI7fOgLJovh+n6edILxMA6UEnmkg3TpdsoeGO2 3LkpI59CpFwAKVv9qTQIlyKh0CfVpO/zjmf9Sg0RiCm2R7Hp5tvJxTw/Vemf6yfU OR8Ll+3pzXXOYrX+olZpAXe7LMwSKWgBTsM8Y8e/M+uurD4G7HLKqeV5XwGiWFZb sMVEffojbSyXx5hsjxGVumjaQsLiegrbgIlnxkcG/CPl3p+lCao3F+bFbZ3DVwGT X6ZNFH034nSzLfMEp3M90lyNCYq2P4ceCIEwYBN+smLaWCQ7Z37BCGnw9fXI6kdA 0Be/FxYmspXWSOGrpGm+ieVkn7R1Php6+v71QvV1BPYHPoaiNOY= =+SwQ -----END PGP SIGNATURE-----