Releases: flatpak/flatpak
1.14.0
Released: 2022-08-22
Known issues:
- There may be an issue where non-primary architecture builds don't show up
(#5045)
- There is a new security advisory on Flatpak but all supported versions are
not affected due to using new enough versions of libostree
(GHSA-45jq-5658-v38x)
Dependencies:
- Conditional on a build time option, revokefs will now use version 3 of the
FUSE API rather than version 2 (#4326)
- Libappstream should be updated to at least 0.15.3 to avoid critical warning
messages when using the "flatpak search" command
(ximion/appstream#384)
New features:
- A new key "DeploySideloadCollectionID" is now supported in flatpakref and
flatpakrepo files, to allow setting a collection ID at the time a remote is
added from one of those files, rather than when metadata is pulled from the
remote, and without affecting versions of Flatpak with the older pre-sideload
P2P implementation (#4826)
- Allow sub-sandboxes to own MPRIS names on the session bus (#5023)
- Commands that accept "--user" will now also take "-u" as an alias for that
(#5014)
- The CLI now properly informs the user of which apps are (indirectly) using
end-of-life runtime extensions in end-of-life info messages (#4835)
- The CLI now takes into account operations in the pending transaction when
printing end-of-life messages (#4835)
- The uninstall command now asks for confirmation before removing in-use
runtimes or runtime extensions (#4835)
- A "--socket=gpg-agent" option is now recognized by "flatpak run" and related
commands (#4958)
Bug fixes:
- Fix a memory corruption issue caused by use of libcurl in an unsafe way
(#5046)
- Update selinux policy to cover symbolic links in /var/lib/flatpak (#4992)
- Fix a crash in case a .desktop file processed by the build-export command has
no Exec= key, and some related fixes for handling such .desktop files (#4817)
- Preserve the X11 display number rather than redirecting it to :99 (#5034)
Other changes:
- Various improvements to the unit tests, CI infra, and documentation
- Some changes were made to ensure translators can work on full sentences
rather than fragments in several places
- Translation updates: de, ru, sv, tr, uk, zh_CN
$ sha256sum -b flatpak-1.14.0.tar.xz
8e276973770ea24ddf2597ad4aecd36b98393e6bde91e48e1743aaca67f27815 *flatpak-1.14.0.tar.xz
1.13.3
Released: 2022-06-16
Dependencies:
- Support curl 7.29 or later as an additional, and the default, HTTP backend
along with libsoup 2.x (#4943)
- Clarify that glib 2.46 or later is now required (#4944)
New features:
- Implement support for rewriting dynamic launchers when an app is renamed
(#4703)
- Add --include-sdk/debug options to install command to install SDK/debuginfo
along with a ref (#4777)
- Improve --sideload-repo option to take create-usb dirs (#4843)
- Add a new library API flatpak_transaction_get_operation_for_ref() (#4947)
Bug fixes:
- Update the SELinux module to explicitly permit the system helper to have read
access to /etc/passwd and systemd-userdbd, read and lock access to
/var/lib/flatpak, and watch files inside $libexecdir (#4852, #4855, #4892)
- Fix the error messages and the exit code of the 'uninstall' command when
non-existent refs are specified (#4857)
- Be more careful with errors when creating directories and deleting files,
and address some memory errors (#4930)
- Fix support for --noninteractive in the 'uninstall' command (#4947)
Other changes:
- Cosmetic improvements to end-of-life messages and other aspects of the CLI
output (#4947)
- Speed up the tests by not installing the polkit agent (#4942)
- Disable fuzzy ref matching when ID has a period or a slash, or when the
standard input or output is not a TTY (#4829, #4848)
- Update the icon-validator to print the format and size for consumption by
the dynamic launcher portal (#4803, #4808)
- Remove a pointless test (#4856)
- Improve various details of the GitHub workflows (#4870)
- Prepare for the addition of a Meson build (#4842, #4871, #4888, #4889, #4890)
- Only add the specified 'summary-arches' to the compat summary. This is
important since we're nearing the 10MB size limit for Flathub's legacy
summary files. (#4880)
- Translation updates: id, pt, sv, tr, uk
$ sha256sum -b flatpak-1.13.3.tar.xz
f696a4f6587f72a03c2770352f610938d073798a9e3fc6df6aff463509dbf804 *flatpak-1.13.3.tar.xz
1.13.2
Released: 2022-03-14
Bug fixes:
- Consistently pass relative subpaths to libostree, working around a bug
in libostree < 2021.6 when used with GLib >= 2.71 (#4805)
- Document have-kernel-module-* as having been added in 1.13.1
- Fix some memory leaks in GVariant data processing
$ sha256sum -b flatpak-1.13.2.tar.xz
27dad03c8478672c0dcbe4d104178c53f49e653a23835c4311f10452236b64b0 *flatpak-1.13.2.tar.xz
1.12.7
Released: 2022-03-14
- We now allow networked access to X11 and PulseAudio services if that is configured, and the application has network access. (#397, #3908, #4702)
- Absolute paths in WAYLAND_DISPLAY now work (#4752)
- Allow apps that were built with Flatpak 1.13.x to export AppStream metadata in share/metainfo (#4350, #4599)
- Most commands now work if /var/lib/flatpak exists but /var/lib/flatpak/repo does not, and will automatically populate the repo directory if possible (#4111)
- Consistently pass relative subpaths to libostree, working around a bug in libostree < 2021.6 when used with GLib >= 2.71 (#4805)
- Fix some memory leaks in GVariant data processing
$ sha256sum -b flatpak-1.12.7.tar.xz
6db52a531ce278282ac7ebfb99f66a0bb3eccaf44e864844c2c95c1ee5ba9316 *flatpak-1.12.7.tar.xz
Release 1.13.1
Dependencies:
- libappstream 0.12.0 or later is now required
- appstream-glib is no longer required
- In distributions that compile Flatpak to use a separate bubblewrap (bwrap)
executable, version 0.5.0 is now required
New features:
- Create a directory for XDG_STATE_HOME and set the environment variable
(#4477)
  - Apps requiring a state directory without a dependency on this updated
  Flatpak version can get similar functionality by using:
  --persist=.local/state --unset-env=XDG_STATE_HOME
  which will use the same storage location
- Set HOST_XDG_STATE_HOME environment variable (#4477)
- Add have-kernel-module-foo family of conditionals for extensions, a
generalization of have-intel-gpu (which is now mostly equivalent to
have-kernel-module-i915) (#4647)
- Add flatpak document-unexport --doc-id=... (#1897)
- Export Appstream metadata for host system to use (#4350, #4599)
- Add command-line completion for the Fish shell (#3109)
- Add FlatpakTransaction:no-interaction API (#4699)
- We now allow networked access to X11 and PulseAudio services
if that is configured, and the application has network access.
(#397, #3908, #4702)
- flatpak build-init automatically sets the build directory to be
ignored by git (#4741)
Other changes:
- Updated bundled xdg-dbus-proxy to 0.1.3 (#4737)
- Updated bundled bubblewrap to 0.6.1 (#4779)
- The default branch in the GitHub repository is now named 'main'
- Don't offer options in CLI tab completion unless the user typed a '-'
(#4753)
- Disable fancy output (e.g. progress bars that get redrawn) when
G_MESSAGES_DEBUG is set in the environment (#4767)
- Most commands now work if /var/lib/flatpak exists but /var/lib/flatpak/repo
does not, and will automatically populate the repo directory if
possible (#4111)
- Disable session bus access for flatpak-spawn --sandbox as intended
(#4630)
- Make sudo flatpak --user ... fail with an error message, since acting
on root's per-user installation is unlikely to be what was intended
(#4638)
- Don't mention "negative" permissions like !host in /.flatpak-info (#4691)
- Improve performance when finding related refs
- Use SHA256 instead of SHA1 to avoid false-positives from static analysis
(in fact the use of SHA1 was not security-sensitive here) (#4716)
- Create sandbox's XDG_RUNTIME_DIR with 0700 permissions (#3397)
- Always create /.flatpak-info with 0600 permissions
- Absolute paths in WAYLAND_DISPLAY now work (#4752)
- Improve reliability of detecting the current GTK theme (#4754)
- Fix some error code paths when deploying malformed apps
- Improve some error messages
- Use URN for fontconfig DTD, consistent with fontconfig itself (#4617)
- Use type -P or command -v in preference to which(1) (#4696)
- Improve measurement of test coverage (#4681)
- Translation updates: de, fr, hi, hr, id, oc, pl, pt_BR, sv, uk, zh_CN
$ sha256sum flatpak-1.13.1.tar.xz
e81805618a635592918f2c70f80fa1052d684f580db677ff6bf5838863375c2b flatpak-1.13.1.tar.xz
Release 1.12.6
- Fix a bug that sometimes caused repo corruption in case downloads are
interrupted or canceled, necessitating a "flatpak repair" to recover
(#3479, #4258)
- More reliably detect the GTK theme (#4754)
- Fix history command unit test in some edge cases (#4764)
- Improve NEWS for 1.12.5
- Translation update: pt_BR
$ sha256sum flatpak-1.12.6.tar.xz
ef02cb505b91cce5173099b5485768eef1899ebcf39edf827c4254163a811627 flatpak-1.12.6.tar.xz
Release 1.12.5
- Fixed a case where temporary data was sometimes left in
/var/lib/flatpak/appstream, and we now detect such leftover data and
remove it.
- Fix regressions in flatpak history since 1.9.1
  - Don't display the appstream branch used internally
  - Don't display temporary repositories used internally
  - Warn instead of failing if other non-app, non-runtime refs are found
- Don't set up an unnecessary polkit agent for flatpak history
- Add test coverage
- Don't propagate GStreamer-related environment variables into sandbox
- Fix a typo in an error message
- Fix incorrect year in NEWS for 1.12.4 release
- Translation update: pl
$ sha256sum flatpak-1.12.5.tar.xz
1cb4a0b0b0c1bdffe644011ee8d17e437b4917c21d4384ec111b3f328206166c flatpak-1.12.5.tar.xz
Release 1.8.7
This is an "old-stable" update for users of the Flatpak 1.8.x branch, such as Red Hat Enterprise Linux 8. In environments that do not need to stay on a specific branch, updating to the newest stable version instead of using this version is recommended. At the time of writing, the newest stable version is 1.12.4.
This is a security update that fixes two issues that were found in flatpak:
GHSA-qpjc-vq3c-572j (also known as CVE-2021-43860)
This issue is about the possibility for a malicious repository to send
invalid application metadata in a way that hides some of the app
permissions displayed during installation.
GHSA-8ch7-5j3h-g4fx (also known as CVE-2022-21682)
This issue is a problem with how flatpak-builder uses flatpak, that
can cause flatpak-builder --mirror-screenshots-url commands to be
allowed to create directories outside of the build directory.
The fix for this is the addition of a new option
--nofilesystem=host:reset, which in addition to behaving like
--nofilesystem=host, prevents filesystem permissions
from being inherited from the app manifest.
$ sha256sum flatpak-1.8.7.tar.xz
9d082c81fa733382fc5688b880941e6c82ec671b0a4a4f875b5d66c091a224c3 flatpak-1.8.7.tar.xz
Release 1.8.6
This is an "old-stable" update for users of the Flatpak 1.8.x branch, such as Red Hat Enterprise Linux 8. In environments that do not need to stay on a specific branch, updating to the newest stable version instead of using this version is recommended. At the time of writing, the newest stable version is 1.12.4.
This security update fixes a potential attack where a flatpak application
could use custom formatted .desktop files to gain access to files on the
host system. (CVE-2021-21261)
For details, see:
GHSA-4ppf-fxf6-vxg2
This security update also fixes a security vulnerability in the portal
support. Some recently added syscalls were not blocked by the seccomp rules
which allowed the application to create sub-sandboxes which can confuse
the sandboxing verification mechanisms of the portal. This has been
fixed by extending the seccomp rules. (CVE-2021-41133)
For details, see:
GHSA-67h7-w3jq-vh4q
Other changes:
- Don't inherit an unusual $XDG_RUNTIME_DIR setting into the sandbox, fixing
a regression introduced when CVE-2021-21261 was fixed in 1.8.5 and 1.10.0
- Fix fd confusion in flatpak-spawn --env=... --forward-fd=..., resolving a
regression introduced in 1.8.5
- Fix deploys of local remotes in system-helper, possibly involving newer
GLib versions
- Memory leak fixes backported from 1.10.2 and 1.11.2
- File descriptor leak fixes backported from 1.10.2, 1.10.3 and 1.11.2
- Add --enable-asan configure option backported from 1.10.1
- The .profile snippets now disable GVfs when calling flatpak to
avoid spawning a gvfs daemon when logging in via ssh
- Fix test failures on non-x86_64 systems
- Update Polish translation
$ sha256sum flatpak-1.8.6.tar.xz
70dc6bb6231c494885dd82f6607a3033b7636c0ad0c399e59f7c760fbffb4de7 flatpak-1.8.6.tar.xz
1.12.4
Released: 2022-01-18
This is a regression fix update, reverting non-backwards-compatible
behaviour changes in the solution previously chosen for CVE-2022-21682.
Flatpak 1.12.3 and 1.10.6 changed the behaviour of --nofilesystem=host
and --nofilesystem=home in a way that was not backwards-compatible in
all cases. For example, some Flatpak users previously used a global
flatpak override --nofilesystem=home or
flatpak override --nofilesystem=host, but expected that individual apps
would still be able to have finer-grained filesystem access granted by the
app manifest, such as Zoom's --filesystem=~/Documents/Zoom:create. With
the changes in 1.12.3, this no longer had the intended result, because
--nofilesystem=home was special-cased to disallow inheriting the
finer-grained --filesystem.
Flatpak 1.12.4 and 1.10.7 return to the previous behaviour of
--nofilesystem=host and --nofilesystem=home. Instead, CVE-2022-21682
will be resolved by a new 1.2.2 release of flatpak-builder, which will
use a new option --nofilesystem=host:reset introduced in Flatpak 1.12.4
and 1.10.7. In addition to behaving like --nofilesystem=host, the new
option prevents filesystem permissions from being inherited from the
app manifest.
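The difference between --nofilesystem=host and --nofilesystem=host:reset described above (and in the 1.8.7 notes), as a simplified Python model added here for illustration. It is not Flatpak's code; the function names and the layer lists are hypothetical, and only the two options named in these notes are modelled.

```python
# Simplified model of how layered --filesystem / --nofilesystem options combine.
# Added illustration only; the function names are hypothetical, not Flatpak APIs.

def parse_layer(options):
    """Turn one layer's options into ({path: mode-or-None}, reset_flag)."""
    entries, reset = {}, False
    for opt in options:
        name, _, value = opt.partition("=")
        if name == "--filesystem":
            path, _, mode = value.partition(":")
            entries[path] = mode or "rw"      # no suffix means read-write
        elif name == "--nofilesystem":
            if value == "host:reset":
                reset, value = True, "host"   # also behaves like =host
            entries[value] = None             # None marks "explicitly denied"
        else:
            raise ValueError(f"unsupported option: {opt}")
    return entries, reset

def effective_grants(*layers):
    """Apply layers in order (manifest first) and return the surviving grants."""
    merged = {}
    for layer in layers:
        entries, reset = parse_layer(layer)
        if reset:
            merged.clear()                    # drop everything inherited so far
        merged.update(entries)
    return {path: mode for path, mode in merged.items() if mode is not None}

# Constructed layers, using the Zoom grant quoted in the release notes.
MANIFEST = ["--filesystem=~/Documents/Zoom:create"]
GLOBAL_OVERRIDE = ["--nofilesystem=home"]
BUILDER_STYLE = ["--nofilesystem=host:reset"]

if __name__ == "__main__":
    # Finer-grained manifest grant survives a plain home/host denial...
    print(effective_grants(MANIFEST, GLOBAL_OVERRIDE))
    print(effective_grants(MANIFEST, ["--nofilesystem=host"]))
    # ...but host:reset discards everything inherited from the manifest.
    print(effective_grants(MANIFEST, BUILDER_STYLE))
```
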
Other changes:
- Clarify documentation of --nofilesystem
- Improve unit test coverage around --filesystem and --nofilesystem
- Restore compatibility with older appstream-glib versions, fixing a
regression in 1.12.3
sha256:
792e6265f7f6d71b2a087028472a048287bed2587e43d2eec2c31d360c16211c *flatpak-1.12.4.tar.xz