This is an "old-stable" release for long-term-support distributions, backporting the security fix from 1.14.6. If possible, please use the latest stable branch (1.14.x) instead.
Security fixes:
- Don't allow an executable name to be misinterpreted as a command-line
option for bwrap(1). This prevents a sandbox escape where a malicious
or compromised app could ask xdg-desktop-portal to generate a .desktop
file with access to files outside the sandbox. (CVE-2024-32462)
241c22a91a5dfcf4f0575cde47868b57ac4c5c93951ae33b25293aa0d61bf092 *flatpak-1.10.9.tar.xz