Announce: Flatpak 0.8.7 (stable branch)
Alexander Larsson
alexl at redhat.com
Tue Jun 20 13:36:36 UTC 2017
Available here:
https://github.com/flatpak/flatpak/releases/tag/0.8.7
$ sha256sum flatpak-0.8.7.tar.xz
ddd2b1d5b291b55a12bee1ef802d2e36ca7c830e2164d38996fa62460196f311 flatpak-0.8.7.tar.xz
Major changes in 0.8.7
======================
This is a minor security update, matching the behaviour on master
where we avoid ever creating setuid files or world-writable
directories. However, the fix is more localized and does not
require a new ostree.
Changes:
* After pulling from a remote, always verify that the staged
new files and directories have safe permissions.
* Ensure ~/.local/share/flatpak is not readable to other users, to
avoid anyone ever seeing possibly world-writeable directories
therein.
* Fix double-setting a error in case of errors when pulling
* Fix timeout in testcase
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Alexander Larsson Red Hat, Inc
alexl at redhat.com alexander.larsson at gmail.com
He's an impetuous small-town gentleman spy who dotes on his loving old
ma. She's a disco-crazy impetuous magician's assistant from a family of
eight older brothers. They fight crime!
More information about the Flatpak
mailing list