Change log for bubblewrap package in Ubuntu
| 1 → 51 of 51 results | First • Previous • Next • Last |
| Published in oracular-release |
| Published in noble-release |
| Deleted in noble-proposed (Reason: Moved to noble) |
bubblewrap (0.9.0-1build1) noble; urgency=medium * No-change rebuild for CVE-2024-3094 -- Steve Langasek <email address hidden> Sun, 31 Mar 2024 08:43:28 +0000
Available diffs
- diff from 0.8.0-2 (in Debian) to 0.9.0-1build1 (139.5 KiB)
- diff from 0.9.0-1 (in Debian) to 0.9.0-1build1 (520 bytes)
bubblewrap (0.9.0-1) unstable; urgency=medium
* New upstream release
* d/copyright: Update
* d/p/tests-Explicitly-unshare-userns-when-testing-disable-user.patch,
d/p/tests-Try-harder-to-evade-disable-userns.patch:
Drop patches that were included upstream
-- Simon McVittie <email address hidden> Tue, 26 Mar 2024 21:16:50 +0000
| Deleted in noble-updates (Reason: superseded by release) |
| Superseded in noble-release |
| Published in mantic-release |
| Published in lunar-release |
| Deleted in lunar-proposed (Reason: Moved to lunar) |
bubblewrap (0.8.0-2) unstable; urgency=medium
* Upload to unstable.
The changes since 0.7.0 are small, and if a Flatpak vulnerability
similar to CVE-2021-41133 is reported during the Debian 12 release
lifetime, having the new --disable-userns option will give us more
options for how to prevent it.
-- Simon McVittie <email address hidden> Tue, 28 Feb 2023 09:38:53 +0000
Available diffs
- diff from 0.7.0-2 to 0.8.0-2 (9.1 KiB)
bubblewrap (0.7.0-2) unstable; urgency=medium
* d/p/test-run-Filter-out-no-new-privs-in-capsh-output.patch:
Add patch from upstream to fix test failure with newer capsh
* Update standards version to 4.6.2 (no changes needed)
* Remove version constraints unnecessary since buster (oldstable)
-- Simon McVittie <email address hidden> Wed, 11 Jan 2023 18:30:16 +0000
Available diffs
- diff from 0.7.0-1 to 0.7.0-2 (1.5 KiB)
bubblewrap (0.7.0-1) unstable; urgency=medium
* New upstream release
* Standards-Version: 4.6.1 (no changes required)
* d/watch: Adapt to Github web page changes
* d/control: Add test dependencies to Build-Depends.
We can't run build-time tests in locked-down buildd chroots, but we can
run them in privileged Docker containers on Salsa-CI, which will need
these extra packages.
-- Simon McVittie <email address hidden> Mon, 07 Nov 2022 17:57:24 +0000
Available diffs
- diff from 0.6.2-1 to 0.7.0-1 (12.2 KiB)
| Superseded in lunar-release |
| Obsolete in kinetic-release |
| Deleted in kinetic-proposed (Reason: Moved to kinetic) |
bubblewrap (0.6.2-1) unstable; urgency=medium * New upstream release -- Simon McVittie <email address hidden> Wed, 11 May 2022 15:07:05 +0100
Available diffs
- diff from 0.6.1-1 to 0.6.2-1 (5.8 KiB)
| Superseded in kinetic-release |
| Published in jammy-release |
| Deleted in jammy-proposed (Reason: Moved to jammy) |
bubblewrap (0.6.1-1) unstable; urgency=medium * New upstream release * Build using Meson -- Simon McVittie <email address hidden> Fri, 25 Feb 2022 17:46:05 +0000
Available diffs
- diff from 0.6.0-1 to 0.6.1-1 (2.0 KiB)
bubblewrap (0.6.0-1) unstable; urgency=medium * New upstream release -- Simon McVittie <email address hidden> Thu, 24 Feb 2022 14:39:45 +0000
Available diffs
- diff from 0.5.0-1 to 0.6.0-1 (61.6 KiB)
| Superseded in jammy-release |
| Obsolete in impish-release |
| Deleted in impish-proposed (Reason: Moved to impish) |
bubblewrap (0.4.1-3build1) impish; urgency=medium * No-change rebuild to build packages with zstd compression. -- Matthias Klose <email address hidden> Thu, 07 Oct 2021 12:09:48 +0200
Available diffs
- diff from 0.4.1-3 (in Debian) to 0.4.1-3build1 (339 bytes)
bubblewrap (0.5.0-1) unstable; urgency=medium
* New upstream release
- Drop patches that were applied upstream
* Standards-Version: 4.6.0 (no changes required)
* Use recommended debhelper compat level 13
- No need to check for DEB_BUILD_OPTIONS=nocheck any more
* Release to unstable
-- Simon McVittie <email address hidden> Fri, 20 Aug 2021 16:19:25 +0100
Available diffs
- diff from 0.4.1-3build1 (in Ubuntu) to 0.5.0-1 (146.2 KiB)
| Superseded in impish-release |
| Obsolete in hirsute-release |
| Deleted in hirsute-proposed (Reason: moved to Release) |
bubblewrap (0.4.1-3) unstable; urgency=medium
* Stop making /usr/bin/bwrap setuid root.
With Debian kernels >= 5.10, this is no longer necessary: unprivileged
users can now create user namespaces, the same as in upstream kernels
and Ubuntu.
For smooth upgrades, install a sysctl configuration fragment that will
configure older kernels to behave similarly if the recommended procps
package is installed, or if booting with systemd. (Closes: #977841)
- This change also makes more Flatpak features available; in
particular, it is necessary for the Chromium browser.
(Closes: #977758)
* Include setuid status, etc. in bug reports
-- Simon McVittie <email address hidden> Sun, 03 Jan 2021 14:13:01 +0000
Available diffs
- diff from 0.4.1-2 to 0.4.1-3 (2.6 KiB)
bubblewrap (0.4.1-2) unstable; urgency=medium
* d/gbp.conf: Rename development branch to debian/latest
* Standards-Version: 4.5.1 (no changes required)
* Reference CVE-2020-5291 in previous changelog entry
* Add some bugfix patches from upstream
- Correct the name of PR_SET_NO_NEW_PRIVS in an error message
- Silence warnings from the kernel when a non-Y2038-compliant
filesystem such as xfs is remounted into the sandbox
- Don't fail if /proc is read-only, as it can be inside Docker
* Forward python3 patch upstream
* d/control: Canonicalize case of Multi-Arch
* Add a patch to fix typos in the man page
* Add a README.Debian describing ways in which bubblewrap can be used
* Add patch to include Debian-specific links in EPERM error message
-- Simon McVittie <email address hidden> Fri, 01 Jan 2021 15:31:11 +0000
Available diffs
- diff from 0.4.1-1 to 0.4.1-2 (7.0 KiB)
| Superseded in groovy-release |
| Published in focal-release |
| Deleted in focal-proposed (Reason: moved to Release) |
bubblewrap (0.4.0-1ubuntu4) focal; urgency=medium
* SECURITY UPDATE: privilege escalation when used in setuid mode
- debian/patches/CVE-2020-5291.patch: don't rely on geteuid() to know
when to switch back from setuid root in bubblewrap.c.
- CVE-2020-5291
-- Marc Deslauriers <email address hidden> Wed, 01 Apr 2020 08:25:00 -0400
Available diffs
| Superseded in hirsute-release |
| Obsolete in groovy-release |
| Deleted in groovy-proposed (Reason: moved to Release) |
bubblewrap (0.4.1-1) unstable; urgency=high
* New upstream release
- Fixes a root privilege escalation vulnerability introduced in 0.4.0,
in cases where the kernel allows creation of user namespaces by
unprivileged users and bwrap is (unnecessarily) setuid root.
Debian systems are vulnerable if
/proc/sys/kernel/unprivileged_userns_clone (default 0) has been
changed to 1, or if using an upstream kernel instead of a Debian
kernel.
Ubuntu systems are not normally vulnerable, because bwrap is not
normally setuid there.
(GHSA-j2qp-rvxj-43vj, CVE ID pending)
- Fixes test failure with libcap >= 2.29 (Closes: #951577)
* Update various URLs from https://github.com/projectatomic/bubblewrap
to https://github.com/containers/bubblewrap
* Set upstream metadata fields: Repository.
* Remove obsolete field Name from debian/upstream/metadata (already
present in machine-readable debian/copyright).
* Standards-Version: 4.5.0 (no changes required)
* d/tests/control: Qualify CLI tools with :native.
Thanks to Steve Langasek (Closes: #948617)
-- Simon McVittie <email address hidden> Mon, 30 Mar 2020 14:33:54 +0100
Available diffs
bubblewrap (0.4.0-1ubuntu3) focal; urgency=medium
* d/p/update-output-patterns-libcap-2.29.patch: cherry-pick fix proposed
fix to capability drop-related tests, which broke with newer libcap2.
-- Ćukasz 'sil2100' Zemczak <email address hidden> Wed, 26 Feb 2020 21:39:11 +0100
Available diffs
bubblewrap (0.4.0-1ubuntu2) focal; urgency=medium * No-change rebuild with fixed binutils on arm64. -- Matthias Klose <email address hidden> Sat, 08 Feb 2020 10:56:27 +0000
Available diffs
- diff from 0.4.0-1ubuntu1 to 0.4.0-1ubuntu2 (330 bytes)
bubblewrap (0.4.0-1ubuntu1) focal; urgency=medium * Make autopkgtests cross-test-friendly. -- Steve Langasek <email address hidden> Fri, 10 Jan 2020 10:31:19 -0800
Available diffs
- diff from 0.4.0-1 (in Debian) to 0.4.0-1ubuntu1 (725 bytes)
bubblewrap (0.4.0-1) unstable; urgency=medium * New upstream release * Use debhelper-compat 12 * Standards-Version: 4.4.1 (no changes required) -- Simon McVittie <email address hidden> Thu, 28 Nov 2019 11:14:41 +0000
Available diffs
- diff from 0.3.3-2 to 0.4.0-1 (113.9 KiB)
| Superseded in focal-release |
| Obsolete in eoan-release |
| Deleted in eoan-proposed (Reason: moved to release) |
bubblewrap (0.3.3-2) unstable; urgency=medium
* Release to unstable
* d/salsa-ci.yml: Request standard CI on salsa.debian.org
* d/rules: Disable any active LD_PRELOAD hacks while running tests.
These will typically assume a fully-featured OS (for example faketime
assumes sem_open() will work), but bubblewrap is a low-level tool
that temporarily operates in a container that is only partially
functional (for example /dev/shm isn't always mounted).
* Standards-Version: 4.4.0 (no changes required)
-- Simon McVittie <email address hidden> Tue, 09 Jul 2019 09:34:53 +0100
Available diffs
- diff from 0.3.1-4 to 0.3.3-2 (126.1 KiB)
| Superseded in eoan-release |
| Obsolete in disco-release |
| Deleted in disco-proposed (Reason: moved to release) |
bubblewrap (0.3.1-4) unstable; urgency=medium
* d/p/Don-t-create-our-own-temporary-mount-point-for-pivot_root.patch:
Replace with the version that was applied upstream
* d/p/tests-Ensure-that-tmpfs-with-oldroot-newroot-doesn-t-appe.patch:
Add a test to check that the above patch works as intended
-- Simon McVittie <email address hidden> Wed, 06 Mar 2019 14:43:44 +0000
Available diffs
- diff from 0.3.1-3 to 0.3.1-4 (2.5 KiB)
bubblewrap (0.3.1-3) unstable; urgency=medium
* d/p/Don-t-create-our-own-temporary-mount-point-for-pivot_root.patch:
Avoid denial of service and potential symlink attacks on systems not
using systemd-logind (Closes: #923557)
* Standards-Version: 4.3.0 (no changes required)
* d/upstream/metadata: Add DEP-12 metadata
-- Simon McVittie <email address hidden> Sat, 02 Mar 2019 13:03:29 +0000
Available diffs
- diff from 0.3.1-2 to 0.3.1-3 (1.9 KiB)
| Published in bionic-updates |
| Published in bionic-security |
| Superseded in bionic-updates |
| Superseded in bionic-security |
bubblewrap (0.2.1-1ubuntu0.1) bionic-security; urgency=medium
[ Iain Lane ]
* Don't install setuid on Ubuntu & derivatives since Ubuntu's
kernel enables unprivileged user namespaces (LP: #1795668, LP: #1709164)
* debian/tests/basic: We're not setuid - in this case we have to use a new
user namespace. Not all the GIDs from the parent namespace are mapped
through, and so testing that `id` is identical inside and out of the
bubblewrap is not going to work. Let's make sure that the euid and egid
are the same.
-- Jeremy Bicha <email address hidden> Tue, 02 Oct 2018 11:03:48 -0400
Available diffs
| Superseded in disco-release |
| Obsolete in cosmic-release |
| Deleted in cosmic-proposed (Reason: moved to release) |
bubblewrap (0.3.1-2) unstable; urgency=medium
[ Iain Lane ]
* d/tests/basic: Don't assume `id` will be the same inside the sandbox,
making this test pass on (Ubuntu) systems where bubblewrap is not
setuid (Closes: #910006)
* d/tests/upstream-usrmerge: Add a test to ensure that bubblewrap
works on a /usr-merged system
[ Simon McVittie ]
* d/p/tests-Handle-systems-without-merged-usr.patch:
Add patch from upstream git to make tests pass on non-merged-/usr
systems where bubblewrap is not setuid. Thanks to Iain Lane.
* d/p/man-page-Describe-chdir-not-nonexistent-cwd.patch:
Add patch from upstream git to fix documentation of --chdir option
* d/p/Make-lockdata-long-enough-on-32-bit-with-64-bit-file-poin.patch:
Add patch from upstream git to fix lock handling in tests on 32-bit
platforms with 64-bit off_t. Thanks to Timothy E Baldwin.
-- Simon McVittie <email address hidden> Wed, 03 Oct 2018 15:23:27 +0100
Available diffs
| Superseded in cosmic-release |
| Superseded in cosmic-release |
| Deleted in cosmic-proposed (Reason: moved to release) |
bubblewrap (0.3.1-1ubuntu2) cosmic; urgency=medium
* debian/patches/tests-Handle-systems-without-merged-usr.patch: Update to
new upstream version.
* debian/tests/basic: We're not setuid - in this case we have to use a new
user namespace. Not all the GIDs from the parent namespace are mapped
through, and so testing that `id` is identical inside and out of the
bubblewrap is not going to work. Let's make sure that the euid and egid
are the same.
-- Iain Lane <email address hidden> Fri, 28 Sep 2018 15:43:11 +0100
Available diffs
- diff from 0.3.0-1 (in Debian) to 0.3.1-1ubuntu2 (110.6 KiB)
- diff from 0.3.1-1ubuntu1 to 0.3.1-1ubuntu2 (1.5 KiB)
| Superseded in cosmic-proposed |
bubblewrap (0.3.1-1ubuntu1) cosmic; urgency=medium
* debian/patches/tests-Handle-systems-without-merged-usr.patch: We don't yet
have the /usr merge - modify the testsuite to handle this situation.
* Add a test to ensure that usrmerge continues to work. This installs
usrmerge inside the testbed, which is a destructive package, so it is
added with Restrictions: breaks-testbed.
Available diffs
- diff from 0.3.0-1 (in Debian) to 0.3.1-1ubuntu1 (110.1 KiB)
bubblewrap (0.3.0-1) unstable; urgency=medium
* New upstream release
* Upload to unstable
- d/gbp.conf: Switch back to debian/master
* Standards-Version: 4.1.5 (no changes required)
-- Simon McVittie <email address hidden> Thu, 12 Jul 2018 10:03:38 +0100
Available diffs
- diff from 0.2.1-1 to 0.3.0-1 (112.1 KiB)
| Superseded in cosmic-release |
| Published in bionic-release |
| Deleted in bionic-proposed (Reason: moved to release) |
bubblewrap (0.2.1-1) unstable; urgency=medium
* New upstream release
- Drop all patches except
d/p/debian/Use-Python-3-for-test-demo-code.patch, merged upstream
* Standards-Version: 4.1.4 (no changes required)
-- Simon McVittie <email address hidden> Sun, 08 Apr 2018 15:42:03 +0100
Available diffs
- diff from 0.2.0-4 to 0.2.1-1 (119.7 KiB)
bubblewrap (0.2.0-4) unstable; urgency=medium
* Change Vcs-* to point to salsa.debian.org
* Standards-Version: 4.1.3 (no changes required)
* d/control, d/tests/control,
d/p/debian/Use-Python-3-for-test-demo-code.patch:
Use Python 3 for tests and demo code
* d/control: Annotate python3 dependency with <!nocheck>
-- Simon McVittie <email address hidden> Wed, 17 Jan 2018 14:12:50 +0000
Available diffs
- diff from 0.2.0-2 to 0.2.0-4 (2.9 KiB)
- diff from 0.2.0-3 to 0.2.0-4 (1.2 KiB)
bubblewrap (0.2.0-3) unstable; urgency=medium
* d/patches/0.2.1/userns-block-fd-*.patch: Update patches to match
what was merged upstream, with both Python 2 and 3 support
* Standards-Version: 4.1.2 (no changes required)
-- Simon McVittie <email address hidden> Fri, 15 Dec 2017 15:01:39 +0000
Available diffs
- diff from 0.2.0-2 to 0.2.0-3 (2.4 KiB)
bubblewrap (0.2.0-2) unstable; urgency=medium
* Build-depend on automake (>= 1.14.1) to avoid backports
resolvers sometimes deciding to install automake1.11, which is
not enough
* Standards-Version: 4.1.1 (no changes required)
* Set Rules-Requires-Root: no
* d/dist/, d/patches/dist/: Add missing files via a patch instead of
shipping them in debian/
* Add patches to make demos/userns-block-fd.py work on Debian
-- Simon McVittie <email address hidden> Tue, 31 Oct 2017 15:53:05 +0000
Available diffs
- diff from 0.2.0-1 to 0.2.0-2 (9.0 KiB)
| Superseded in bionic-release |
| Obsolete in artful-release |
| Deleted in artful-proposed (Reason: moved to release) |
bubblewrap (0.2.0-1) unstable; urgency=medium
* New upstream release
* d/watch: Import release tarballs
* d/gbp.conf: Merge upstream git tags into the tarball imports
* d/watch: Stop repacking upstream tarballs
* d/dist/: Add upstream README.md and demos/ directory, which are
missing from the official tarball releases
-- Simon McVittie <email address hidden> Mon, 09 Oct 2017 17:31:27 +0100
Available diffs
- diff from 0.1.8-3 to 0.2.0-1 (142.5 KiB)
bubblewrap (0.1.8-3) unstable; urgency=medium
* Use Perl rather than shell script for the autopkgtest test cases.
This avoids needing the uncommon bats package, or writing shell
scripts.
-- Simon McVittie <email address hidden> Tue, 25 Jul 2017 21:10:13 +0100
Available diffs
- diff from 0.1.8-2 to 0.1.8-3 (1.9 KiB)
bubblewrap (0.1.8-2) unstable; urgency=medium
* Standards-Version: 4.0.0
- Use https URL for format of debian/copyright
* Upload to unstable
-- Simon McVittie <email address hidden> Wed, 21 Jun 2017 14:14:20 +0100
Available diffs
- diff from 0.1.8-1 to 0.1.8-2 (581 bytes)
bubblewrap (0.1.8-1) experimental; urgency=medium
* New upstream release
- Stop trying to run tests/test-basic.sh, it no longer exists
- Build-depend on python, one test now needs it
* Build-depend on docbook-xml for the documentation DTD
* Move to debhelper compat level 10
- drop dh-autoreconf, it is now done by default
- drop explicit --parallel, it is now the default
-- Simon McVittie <email address hidden> Mon, 03 Apr 2017 18:35:44 +0100
Available diffs
- diff from 0.1.7-1 to 0.1.8-1 (8.0 KiB)
bubblewrap (0.1.7-0ubuntu0.16.10.1) yakkety-security; urgency=medium * SECURITY UPDATE: bubblewrap escape via TIOCSTI ioctl (LP: #1657357) - Fixed in new upstream release 0.1.7 by adding --new-session option that use setsid() before executing sandboxed code. Users of bubblewrap to confine untrusted programs should either add --new-session to the bwrap command line, or prevent the TIOCSTI ioctl with a seccomp filter instead (as Flatpak does). - New upstream release also adds --unshare-all option to easily sandbox all namespaces. A --share-net option can be used with --unshare-all to retain the network namespace. - CVE-2017-5226 * debian/bubblewrap.examples: install upstream examples -- Jeremy Bicha <email address hidden> Thu, 19 Jan 2017 21:31:11 -0500
Available diffs
| Superseded in artful-release |
| Obsolete in zesty-release |
| Deleted in zesty-proposed (Reason: moved to release) |
bubblewrap (0.1.7-1) unstable; urgency=medium
* New upstream release
- effectively the same as 0.1.6-2
- drop all patches
-- Simon McVittie <email address hidden> Thu, 19 Jan 2017 14:33:46 +0000
Available diffs
- diff from 0.1.6-2 to 0.1.7-1 (9.9 KiB)
bubblewrap (0.1.6-2) unstable; urgency=medium
* d/p/Make-the-call-to-setsid-optional-with-new-session.patch:
Add patch from upstream to make the setsid() that addresses
CVE-2017-5226 optional, because it breaks interactive shells.
Users of bubblewrap to confine untrusted programs should either
add --new-session to the bwrap command line, or prevent the
TIOCSTI ioctl with a seccomp filter instead (as Flatpak does).
- d/control: add Breaks on versions of Flatpak that did not
load the necessary seccomp filter to prevent CVE-2017-5226
* d/p/demos-bubblewrap-shell.sh-Unshare-all-namespaces.patch:
Add patch from upstream to improve example code
* d/p/Call-setsid-and-setexeccon-befor-forking-the-init-monitor.patch,
d/p/Install-seccomp-filter-at-the-very-end.patch:
Add patches from upstream to re-order initialization. This means
the seccomp filter is no longer required to account for syscalls that
are made by bwrap itself.
* d/p/Add-unshare-all-and-share-net.patch:
Add patch from upstream introducing new command line options
--unshare-all and --share-net, for a more whitelist-based approach
to sharing namespaces with the parent.
-- Simon McVittie <email address hidden> Wed, 18 Jan 2017 00:56:19 +0000
Available diffs
- diff from 0.1.6-1 to 0.1.6-2 (5.3 KiB)
bubblewrap (0.1.6-1) unstable; urgency=medium
* New upstream release
- drop the only patch, applied upstream
* debian/patches: update to upstream master for additional fixes
to SIGCHLD handling and documentation, and improved hardening
against being able to obtain capabilities
* debian/bubblewrap.examples: install upstream examples
-- Simon McVittie <email address hidden> Sat, 14 Jan 2017 22:18:09 +0000
Available diffs
- diff from 0.1.5-2 to 0.1.6-1 (5.2 KiB)
bubblewrap (0.1.5-2) unstable; urgency=high
* d/p/Call-setsid-before-executing-sandboxed-code-CVE-2017-5226.patch:
Call setsid() before executing sandboxed code, preventing a
sandboxed executable invoked with a controlling terminal (for
example in Flatpak) from escalating its privileges by injecting
keypresses into the controlling terminal with the TIOCSTI
ioctl. (Closes: #850702; CVE-2017-5226)
* d/control: remove Maintainer status from Laszlo Boszormenyi at his
request. Add him to Uploaders instead, and hand the package over
to the Utopia Maintenance Team (the same as OSTree and Flatpak).
-- Simon McVittie <email address hidden> Mon, 09 Jan 2017 18:09:54 +0000
Available diffs
- diff from 0.1.5-1 to 0.1.5-2 (1.2 KiB)
| Superseded in yakkety-updates |
| Superseded in yakkety-security |
| Deleted in yakkety-proposed (Reason: moved to -updates) |
bubblewrap (0.1.5-1~ubuntu16.10.0) yakkety-security; urgency=medium * SECURITY UPDATE: privilege escalation via ptrace (LP: #1643734) - Fixed in new upstream release 0.1.3 - 0.1.4 further protects against possible ptrace attacks by dropping setcaps support and working around the Linux kernel allowing ptrace in user namespaces - CVE-2016-8659 * Backport 0.1.5-1 from zesty for minor packaging improvements
Available diffs
bubblewrap (0.1.5-1) unstable; urgency=medium
* New upstream release
- drop all patches, applied upstream
- debian/copyright: update for build system additions
-- Simon McVittie <email address hidden> Tue, 20 Dec 2016 11:25:23 +0000
Available diffs
- diff from 0.1.4-2 to 0.1.5-1 (8.5 KiB)
bubblewrap (0.1.4-2) unstable; urgency=medium
* d/tests/*: only run tests on a real or virtual machine, not in a
container. bubblewrap is effectively already a container, and
nesting containers doesn't work particularly well.
Unfortunately this means the tests won't work on ci.debian.net,
which uses LXC.
-- Simon McVittie <email address hidden> Thu, 01 Dec 2016 12:42:33 +0000
Available diffs
- diff from 0.1.3-1 to 0.1.4-2 (14.2 KiB)
- diff from 0.1.4-1 to 0.1.4-2 (556 bytes)
bubblewrap (0.1.4-1) unstable; urgency=medium
* New upstream release
* d/p/test-run-be-a-bash-script.patch,
d/p/test-run-don-t-assume-we-are-uid-1000.patch,
d/p/Adapt-tests-so-they-can-be-run-against-installed-binaries.patch,
d/p/Fix-incorrect-nesting-of-backticks-when-finding-a-FUSE-mo.patch:
improve the upstream tests
* d/tests/upstream: run the upstream tests as autopkgtests
* d/rules: Do not enable setuid mode at configure time. If we do, we
can't run the build-time tests, and it no longer makes any difference
to the actual code. Make the executable setuid via Debian packaging
instead.
-- Simon McVittie <email address hidden> Tue, 29 Nov 2016 12:55:31 +0000
Available diffs
- diff from 0.1.3-1 to 0.1.4-1 (14.0 KiB)
bubblewrap (0.1.3-1) unstable; urgency=medium
* New upstream release
- bring back --set-hostname, the upstream fix for CVE-2016-8659
makes it no longer a vulnerability
-- Simon McVittie <email address hidden> Sun, 16 Oct 2016 14:32:11 +0100
Available diffs
- diff from 0.1.2-1 to 0.1.3-1 (2.8 KiB)
| Superseded in zesty-release |
| Obsolete in yakkety-release |
| Deleted in yakkety-proposed (Reason: moved to release) |
bubblewrap (0.1.2-1) unstable; urgency=medium * New upstream release -- Simon McVittie <email address hidden> Fri, 09 Sep 2016 09:22:57 +0100
Available diffs
- diff from 0.1.1-1 to 0.1.2-1 (5.6 KiB)
bubblewrap (0.1.1-1) unstable; urgency=medium
* New upstream release
- drop patch, included upstream
-- Simon McVittie <email address hidden> Sun, 17 Jul 2016 09:08:35 +0100
Available diffs
- diff from 0.1.0-3 to 0.1.1-1 (2.5 KiB)
bubblewrap (0.1.0-3) unstable; urgency=medium
* d/control: bubblewrap is Multi-Arch: foreign
* Hardening: build as a position-independent executable with
eager symbol binding
-- Simon McVittie <email address hidden> Wed, 06 Jul 2016 11:07:32 +0100
Available diffs
- diff from 0.1.0-2 to 0.1.0-3 (616 bytes)
bubblewrap (0.1.0-2) unstable; urgency=medium
* Run basic and dev autopkgtests in addition to userns
* Really add the regression test for keeping CAP_NET_ADMIN
* debian/gbp.conf: add DEP-14-style git-buildpackage configuration
* Normalize package lists via `wrap-and-sort -abst`
* Add Vcs-Git, Vcs-Browser metadata
* d/p/build-put-libraries-in-LDADD-not-LDFLAGS.patch: new patch
fixing linking with -Wl,--as-needed (closes: #826787)
-- Simon McVittie <email address hidden> Tue, 14 Jun 2016 16:28:09 -0400
Available diffs
- diff from 0.1.0-1 to 0.1.0-2 (2.2 KiB)
bubblewrap (0.1.0-1) unstable; urgency=low
* New upstream release (closes: #826358).
* Add watch file.
* Add Simon McVittie as uploader.
[ Simon McVittie <email address hidden> ]
* debian/copyright: correct package name and source (closes: #824969)
* debian/control: make the whole package Linux-only. Like Flatpak, this
package is inherently non-portable.
* Move from Section: web to Section: admin
* Increase Priority to optional, because this tool is likely to be
depended on by gnome-software (via Flatpak) in future
* Add some simple autopkgtests, including one for bug 71 (closes: #824968)
-- Laszlo Boszormenyi (GCS) <email address hidden> Mon, 06 Jun 2016 17:20:38 +0000
Available diffs
- diff from 0~git160513-2 to 0.1.0-1 (5.3 KiB)
| Superseded in yakkety-proposed |
bubblewrap (0~git160513-2) unstable; urgency=low * Install bwrap binary setuid (closes: #824646). * Make libselinux1-dev build dependency Linux only. -- Laszlo Boszormenyi (GCS) <email address hidden> Thu, 19 May 2016 15:24:35 +0000
Available diffs
- diff from 0~git160513-1 to 0~git160513-2 (903 bytes)
| Superseded in yakkety-proposed |
bubblewrap (0~git160513-1) unstable; urgency=low * Initial upload (closes: #823548). -- Laszlo Boszormenyi (GCS) <email address hidden> Tue, 10 May 2016 08:45:59 +0000
| 1 → 51 of 51 results | First • Previous • Next • Last |
