This is the first stable release in the 1.12.x series. The major changes
in this series is the support for better control of sub-sandboxes, as
used by the Steam Flatpak app to run Windows games under Proton.
In addition, this release fixes a security vulnerability in the portal
support. Some recently added syscalls were not blocked by the seccomp rules
which allowed the application to create sub-sandboxes which can confuse
the sandboxing verification mechanisms of the portal. This has been
fixed by extending the seccomp rules. (CVE-2021-41133)
For details, see:
GHSA-67h7-w3jq-vh4q
Other changes in this version:
- Some test fixes
- Update translations
- Support for specifying the flatpak binary to use during exports
- Install translations for all languages in the locale, not just the ones in
LC_MESSAGES. - Fix progress reporting in flatpak fsck
- Handle cases where /var/tmp is a symlink
- Expose /etc/gai.conf to the sandbox
- Fix the parental control checks for root
- Handle missing /etc/ld.so.cache (musl)
$ sha256sum flatpak-1.12.0.tar.xz
d8a9a1f4cd1790711e836964eab6fb69de83b86c902249fff0c73706c73dd586 flatpak-1.12.0.tar.xz