This release fixes a security vulnerability in the portal
support. Some recently added syscalls were not blocked by the seccomp rules
which allowed the application to create sub-sandboxes which can confuste
the sandboxing verification mechanisms of the portal. This has been
fixed by extending the seccomp rules.
For details, see:
GHSA-67h7-w3jq-vh4q
Other changes in this version:
- OCI now use the pax tar format which handles large files better than gnutar
- Fix the parental control checks for root
$ sha256sum flatpak-1.10.4.tar.xz
641f1a62b1b875cc0561ab9bdfd3030071286d6021ae4bac6f80094408f00d1c flatpak-1.10.4.tar.xz