This release is intended to be used as part of Flatpak 1.14.x. If possible, please upgrade to 0.10.0 or later instead.
- Backport the
--[ro-]bind-fdoption from 0.10.0. This can be used to mount a filesystem represented by a file descriptor without time-of-check/time-of-use attacks, and is needed when resolving CVE-2024-42472 (GHSA-7hgv-f2j8-xw87) in Flatpak.
d8cab8943a36cd1bc1b8c63596c6ef6b29b12883d90ed9b14a969795ac60ddef bubblewrap-0.6.3.tar.xz