flatpak (0.8.9-0+deb9u3) stretch; urgency=medium

  * d/p/run-Only-compare-the-lowest-32-ioctl-arg-bits-for-TIOCSTI.patch:
    Reject all ioctls that the kernel will interpret as TIOCSTI,
    including those where the high 32 bits in a 64-bit word are nonzero.
    (Closes: #925541, CVE-2019-10063)

 -- Simon McVittie <smcv@debian.org>  Tue, 26 Mar 2019 21:11:16 +0000

flatpak (0.8.9-0+deb9u2) stretch-security; urgency=medium

  * d/p/Don-t-expose-proc-when-running-apply_extra.patch:
    Backport patch from upstream v1.2.3: do not let the apply_extra
    script for a system installation modify the host-side executable
    via /proc/self/exe, similar to CVE-2019-5736 in runc
    (Closes: #922059; CVE-2019-8308)

 -- Simon McVittie <smcv@debian.org>  Mon, 11 Feb 2019 21:13:02 +0000

flatpak (0.8.9-0+deb9u1) stretch; urgency=medium

  * New upstream release backporting the following fixes from 0.10.x:
    - common/flatpak-run.c: Ignore unrecognised permission strings
      instead of failing, for forwards compatibility
    - dbus-proxy/flatpak-proxy.c: Fix a D-Bus filtering bypass in
      flatpak-dbus-proxy (Closes: #888842)
    - profile/flatpak.sh.in: Simplify and improve profile.d snippet
      (already done in Debian since 0.8.4-1, no practical effect)
  * Drop our patch to profile/flatpak.sh.in, no longer necessary
  * debian/control: Update Vcs-* metadata for salsa.d.o migration

 -- Simon McVittie <smcv@debian.org>  Tue, 30 Jan 2018 14:49:40 +0000

flatpak (0.8.8-0+deb9u1) stretch; urgency=medium

  * d/watch: Watch for new 0.8.x versions
  * New upstream release from 0.8.x branch, backporting the following
    fixes from 0.10.x:
    - Add compatibility with ostree ≥ 2017.7 (in Debian, the same
      changes were already in 0.8.7-2)
    - Security: Do not allow legacy eavesdropping on the D-Bus
      session bus (Closes: #880451)
    - Ensure that LD_LIBRARY_PATH is in the correct order, respecting
      extensions' priorities
    - Ensure that extensions are mounted in the correct order even if
      they have differing priorities, fixing Steam
    - Remove PYTHONPATH, PERLLIB, PERL5LIB, XCURSOR_PATH from the
      environment given to sandboxed apps
    - Give each app a persistent cache directory for fontconfig
    - Make /usr/share/icons available in the sandbox so that sandboxed
      apps can use the host's icon theme
    - Disable debug-level FUSE logging for the document portal
    - Make the * wildcard at the end of a D-Bus filtering rule match
      zero or more components, so --talk="com.example.Foo.*" behaves
      the same as D-Bus' arg0namespace="com.example.Foo". Previously,
      it would only match exactly one component. This matches a proposed
      design for integrating equivalent filtering into future dbus
      versions.
  * d/p/0.8.8/: Drop patches that added compatibility with
    ostree ≥ 2017.7, no longer necessary

 -- Simon McVittie <smcv@debian.org>  Tue, 31 Oct 2017 18:51:01 +0000

flatpak (0.8.7-2~deb9u1) stretch; urgency=medium

  * Rebuild for stretch
  * Merge changelog from stretch-security
  * debian/gbp.conf: Switch branch to debian/stretch

 -- Simon McVittie <smcv@debian.org>  Mon, 31 Jul 2017 08:44:53 +0100

flatpak (0.8.7-2) unstable; urgency=medium

  * Move upstreamed patch to debian/patches/0.9.1/ to make it obvious
    when it can be dropped
  * d/p/0.8.8/: add patches backported from upstream 0.9.4, 0.9.6,
    together with a new patch to the tests, to restore compatibility
    with libostree 2017.7 (all applied upstream already)

 -- Simon McVittie <smcv@debian.org>  Wed, 28 Jun 2017 11:55:18 +0100

flatpak (0.8.7-1) unstable; urgency=high

  * New upstream stable release
    - Security: prevent deploying files with inappropriate permissions
      (world-writable, setuid, etc.) (Closes: #865413)
    - Security: make ~/.local/share/flatpak private to user to defend
      against app vendors that might have released files with
      inappropriate permissions in the past
    - If an error occurs during pull, do not double-set an error,
      which is considered to be invalid
    - Increase some arbitrary timeouts in a test to make it more
      reliable

 -- Simon McVittie <smcv@debian.org>  Wed, 21 Jun 2017 09:50:09 +0100

flatpak (0.8.5-2+deb9u1) stretch-security; urgency=high

  * d/p/Ensure-we-don-t-install-world-writable-dirs-or-setuid-fil.patch:
    Patch from upstream stable release 0.8.7.
    Prevent deploying files with inappropriate permissions
    (world-writable, setuid, etc.) (Closes: #865413)
  * d/p/dir-Ensure-.local-share-flatpak-is-0700.patch:
    Patch from upstream stable release 0.8.7.
    Make ~/.local/share/flatpak private to user to defend against app
    vendors that might have released files with inappropriate permissions
    in the past

 -- Simon McVittie <smcv@debian.org>  Wed, 21 Jun 2017 12:05:49 +0100

flatpak (0.8.6-1) unstable; urgency=medium

  * New upstream release
    - Fix the return value type for filtered NameHasOwner() D-Bus calls
      (upstream issue 817)
    - Security hardening: Only export .desktop files, D-Bus session
      services and icons, but not other files that an app might try to
      export
    - Allow remote repositories to specify a new GPG key (for key rollover)
      or a new URL (for location migration) in their signed metadata
    - Let KDE apps bind-mount ~/.config/kdeglobals into the sandbox:
      + Allow bind-mounting regular files in the XDG cache, config or data
        directories, not just directories
      + Allow bind-mounting files in the XDG directories read-only, not
        just read/write
    - Close a race condition in app identification by portals
    - Cope with a non-default WAYLAND_DISPLAY
    - Cope with /tmp on the host being a symlink
    - Clear TMPDIR in the sandbox, fixing sandboxed Spotify
    - Add X-Flatpak=$app_id to exported .desktop files
      so that the desktop environment can identify what will be launched
    - Make the host's /etc/hosts and /etc/host.conf available in the sandbox,
      fixing sandboxed Spotify
    - Update Hungarian translation

 -- Simon McVittie <smcv@debian.org>  Mon, 05 Jun 2017 21:30:06 +0100

flatpak (0.8.5-2) unstable; urgency=medium

  * flatpak Recommends xdg-desktop-portal-gtk | xdg-desktop-portal-backend,
    so that sandboxed apps can communicate with the outside world
    (Closes: #861068)

 -- Simon McVittie <smcv@debian.org>  Mon, 24 Apr 2017 12:59:09 +0100

flatpak (0.8.5-1) unstable; urgency=medium

  * New upstream bugfix release
  * Upstream security fixes:
    - dbus-proxy: Fix a use-after-free (no specific exploit is known)
      and several memory leaks
    - system-helper: Correct the check that was meant to prevent
      unprivileged users from downgrading system-wide-installed apps
    - Do not allow downgrading apps to validly-signed older versions
      unless a specific older version is requested, so that a
      man-in-the-middle cannot cause a downgrade to an older app
      version with a vulnerability
  * Other upstream fixes:
    - Increase GLib build-dependency to 2.44 (in practice this was
      already required, there is a patch in jessie-backports to
      relax this)
    - Collect system extension references from all system directories,
      not just the first that exists (upstream issue 654)
    - Stop using ostree trivial-httpd, which is not available in
      post-stretch ostree (upstream issues 658, 723)
    - Be build-time compatible with post-stretch ostree (upstream
      issue 756)
    - Strip ?query suffix before detecting whether a URI points to a
      .flatpakref or .flatpakrepo file (upstream issue 659)
    - Fix a typo in help output
  * d/tests/control: most tests now require python, for the
    ostree-trivial-httpd replacement

 -- Simon McVittie <smcv@debian.org>  Mon, 03 Apr 2017 16:35:44 +0100

flatpak (0.8.4-3) unstable; urgency=medium

  * Mark the one remaining patch as applied in 0.9.1
  * Upload to unstable

 -- Simon McVittie <smcv@debian.org>  Wed, 15 Mar 2017 18:43:51 +0000

flatpak (0.8.4-2) experimental; urgency=medium

  * Explicitly build-depend on automake. Otherwise, the aspcud resolver
    used in experimental sometimes chooses automake1.11 as the best
    solution to dh-autoreconf's dependency on automake | automaken,
    causing FTBFS.
    - Set the dependency to 1.14.1 since flatpak is known to build
      successfully with that version in jessie-backports, whereas older
      versions are not known to work.

 -- Simon McVittie <smcv@debian.org>  Sun, 12 Mar 2017 13:59:18 +0000

flatpak (0.8.4-1) experimental; urgency=medium

  * New upstream bugfix release
    - Don't add flatpak directories to XDG_DATA_DIRS if already present
    - Do add flatpak directories to XDG_DATA_DIRS if it already has
      a non-default value
    - Improve progress estimates and reporting for UI frontends
    - Fill in many missing options in man pages
    - Support extensions that apply to multiple versions, particularly
      useful for OpenGL drivers
    - Support extensions that do not depend on any specific runtime,
      particularly useful for proprietary OpenGL drivers packaged with
      a static binary helper
    - Various fixes for error checking and crashes
    - Make flatpak_get_system_installations() return an array that owns
      (takes responsibility for freeing) its contents. This is
      technically an ABI break, but it makes this function consistent
      with others that have a similar signature, and nothing in Debian
      uses it yet.
    - Disable spliced reads in the FUSE file system, which don't appear
      to work
    - Make FamilyWild xauth tokens available in the sandbox, not
      just FamilyLocal
    - Fix a misleading message on systems without systemd --user:
      it now disables an optional feature without breaking sandboxing
  * Add patch simplifying profile.d snippet
  * Initially upload to experimental since this is relatively large
    for a stable-branch release

 -- Simon McVittie <smcv@debian.org>  Sat, 11 Mar 2017 13:00:05 +0000

flatpak (0.8.3-1) unstable; urgency=medium

  * New upstream bugfix release
    - fixes portals' ability to identify confined apps
      (Closes: #855129)
    - better support for third-party (proprietary) OpenGL drivers
    - better handling of errors for extra-data
    - handle extra-data properly for runtimes (as well as apps)
    - respect required version for runtimes (as well as apps)
    - flatpak list: Don't break if some local ref is not deployed
    - builder: Look for appstream data in /app/share/metadata also
    - builder: Fix buildsystem=cmake builds
    - Add progress reporting to extra-data download
    - Fix uid/gid for directories in document portal
  * Duplicate the profile.d snippet in /etc/X11/Xsession.d so it
    applies to X11 sessions, not just login shells. This matches the
    upstream intention: X11 sessions have traditionally run in a login
    shell on Red Hat derivatives, but not in Debian derivatives.
    (Closes: #846338)

 -- Simon McVittie <smcv@debian.org>  Tue, 14 Feb 2017 14:14:45 +0000

flatpak (0.8.2-1) unstable; urgency=medium

  * New upstream bugfix release
    - drop remaining patch, applied upstream
    - security fix: prevent writing to per-user-installed fonts
      and Flatpak extensions (typically locales)
  * d/control: flatpak-tests Recommends python, which is needed for
    one test (silencing a lintian warning)

 -- Simon McVittie <smcv@debian.org>  Fri, 27 Jan 2017 21:56:51 +0000

flatpak (0.8.1-1) unstable; urgency=medium

  * New upstream release, very similar to 0.8.0-2
    - drop all patches
  * d/p/flatpak-system-helper-remove-dangling-reference-to-EXTERN.patch:
    do not search /export/share, which seems to have been unintended

 -- Simon McVittie <smcv@debian.org>  Thu, 19 Jan 2017 14:55:24 +0000

flatpak (0.8.0-2) unstable; urgency=medium

  * d/p/Use-seccomp-to-filter-out-TIOCSTI-ioctl.patch:
    Add patch from upstream to prevent contained apps from using
    TIOCSTI ioctl. This would let the app inject commands into the
    terminal from which it was invoked (CVE-2017-5226). This was
    initially fixed in bubblewrap by calling setsid(), but that
    breaks the ability to use Ctrl+Z or Ctrl+C on a flatpak-confined
    process, so it is being made optional; prevent the attack here
    instead, in a way that doesn't break shells.
  * d/p/Fix-update-of-standalone-bundle.patch:
    Add patch from upstream to fix updating an existing app with
    "flatpak install --bundle foo.flatpak"
  * d/p/Make-sure-var-tmp-is-not-on-tmpfs.patch:
    Add patch from upstream to mount ~/.var/APP/cache/tmp at /var/tmp
    inside the sandbox, so apps can rely on /var/tmp being on disk
  * d/p/Document-the-DefaultBranch-key.patch,
    d/p/Document-RuntimeRepo-key.patch:
    Add patches from upstream to fill in some missing documentation
  * d/p/testlibrary-ensure-that-contents_array-is-NULL-terminated.patch,
    d/p/tests-Install-testpython.py-executable.patch,
    d/p/tests-Move-the-test-repo-to-a-subdirectory-repos-test.patch:
    Fix some bugs in the tests
  * debian/tests/: split out builder-python into a separate autopkgtest,
    it too has more dependencies

 -- Simon McVittie <smcv@debian.org>  Wed, 18 Jan 2017 00:02:19 +0000

flatpak (0.8.0-1) unstable; urgency=medium

  * New upstream stable release
    - Bump bubblewrap dependencies to 0.1.5 following configure.ac
    - Bump ostree dependency to 2016.15 following upstream release notes
      (the minimal dependency is 2016.14, but 2016.15 is recommended)
    - debian/libflatpak0.symbols: add new ABIs
    - d/p/pull-Exit-early-on-error-without-aborting-transaction.patch:
      drop patch, applied upstream
  * debian/gbp.conf: switch upstream branch to debian/0.8.x to follow
    the first upstream stable-branch
  * debian/watch: only follow stable-branches
  * debian/org.freedesktop.Flatpak.pkla: configure polkit 0.105 to
    allow sudoers to uninstall apps and runtimes without re-authenticating,
    following upstream changes to the org.freedesktop.Flatpak.rules used in
    newer polkit versions
  * d/p/Update-Polish-translation.patch: update translated strings from
    upstream git
  * d/p/flatpak-builder-1-fix-typo.patch: fix a typo in the man page

 -- Simon McVittie <smcv@debian.org>  Wed, 21 Dec 2016 14:13:52 +0000

flatpak (0.6.14-3) unstable; urgency=medium

  * d/tests/*: only run tests on a real or virtual machine, not in a
    container. bubblewrap is effectively already a container, and
    nesting containers doesn't work particularly well.
    Unfortunately this means the tests won't work on ci.debian.net,
    which uses LXC.

 -- Simon McVittie <smcv@debian.org>  Thu, 01 Dec 2016 12:42:45 +0000

flatpak (0.6.14-2) unstable; urgency=medium

  * d/p/pull-Exit-early-on-error-without-aborting-transaction.patch:
    Add patch recommended by upstream to fix a GNOME Software crash

 -- Simon McVittie <smcv@debian.org>  Tue, 29 Nov 2016 17:53:34 +0000

flatpak (0.6.14-1) unstable; urgency=medium

  * New upstream release
    - update ostree build-dependency to 2016.14

 -- Simon McVittie <smcv@debian.org>  Tue, 29 Nov 2016 12:51:43 +0000

flatpak (0.6.13-1) unstable; urgency=medium

  * New upstream release
    - update symbols file
    - update ostree build-dependency to 2016.12

 -- Simon McVittie <smcv@debian.org>  Wed, 26 Oct 2016 19:10:48 +0100

flatpak (0.6.12-1) unstable; urgency=medium

  * This release drops source compatibility with Debian jessie. If
    you are building unofficial backports for older Debian derivatives,
    please base them on the debian/jessie-backports git branch instead of
    debian/master from now on.

  * d/control: rely on gtk-update-icon-theme, removing libgtk-3-bin
    alternative.
    - d/p/debian/Try-gtk-3.0-version-of-the-icon-cache-utility-first.patch:
      drop patch, this branch can now rely on having the plain
      gtk-update-icon-theme executable
  * Bump debhelper compatibility level to 10
    - do not explicitly build in parallel, it is now the default
    - do not explicitly enable autoreconf and systemd sequences, they
      are now the default
  * New upstream release
    - d/libflatpak0.symbols: update

 -- Simon McVittie <smcv@debian.org>  Fri, 07 Oct 2016 22:41:21 +0100

flatpak (0.6.11-1) unstable; urgency=medium

  * New upstream release
    - install new man pages flatpak-flatpakrepo(5), flatpak-flatpakref(5)
  * Install Flatpak-1.0.typelib to multiarch path (Closes: #838308)
  * Make gir1.2-flatpak-1.0 Multi-arch: same
  * Make libflatpak-dev depend on gir1.2-flatpak-1.0 in accordance
    with the g-i mini-policy
  * Relicense debian/ under LGPL, with permission from David King
  * Register flatpak-docs.html in the Debian doc-base system

 -- Simon McVittie <smcv@debian.org>  Wed, 21 Sep 2016 19:01:32 +0100

flatpak (0.6.10-1) unstable; urgency=medium

  * New upstream release
    - d/libflatpak0.symbols: update
    - Build-depend on ostree 2016.10
    - Bump bubblewrap (build-)dependencies to 0.1.2
    - Drop all patches except
      d/p/debian/Try-gtk-3.0-version-of-the-icon-cache-utility-first.patch:
      all applied upstream
    - Demote libpam-systemd from Depends to Recommends. It is no longer
      mandatory to be running systemd --user, since flatpak 0.6.10
      identifies contained processes via their
      /proc/$pid/root/.flatpak-info instead of via cgroups
  * d/copyright: mention the Autoconf permissive license of acinclude.m4
  * Make libflatpak-dev Multi-Arch: same

 -- Simon McVittie <smcv@debian.org>  Thu, 15 Sep 2016 08:28:19 +0100

flatpak (0.6.9-1) unstable; urgency=medium

  * New upstream release
    - d/control: libgsystem is no longer required
    - d/copyright: update for new libglnx
    - drop most patches, applied upstream
  * Drop unused build-dependency on docbook-xsl-doc-html.
    It is documentation about docbook-xsl, so isn't needed at build-time.
  * Expand build-dependencies to what we would use if no tests are skipped.
    In practice buildds disallow some of what the tests do, but we shouldn't
    rely on that.
  * d/patches: cherry-pick various post-release bug fixes from upstream
  * Build-depend on attr, and make flatpak-tests depend on it, for better
    test coverage if /var/tmp supports xattrs
  * Build-depend on fuse, so we can run fusermount if supported
  * Make flatpak-tests depend on ostree instead of using d/tests/control
  * d/p/make-test-runtime-cope-with-Debian-s-Python-2.7-configura.patch,
    add patch to make more build-time tests pass
  * d/p/Tell-build-time-tests-which-bwrap-we-are-going-to-use.patch:
    skip tests that cannot be run because we are in an environment where
    bwrap fails
  * d/p/test_install_launch_uninstall-consistently-check-for-GErr.patch:
    add patch to improve diagnostics on some test failures
  * d/p/document-portal-cope-with-multiple-events-that-would-caus.patch:
    in the document portal, don't crash if there is more than one reason
    to exit
  * Remove unused lintian overrides
  * Add lintian override for flatpak-system-helper.service.
    It is deliberately missing an [Install] section (so enabling it for
    eager startup is not possible), because it is intended to be
    started via D-Bus activation.
  * d/p/Terminate-gpg-agent-after-using-it-for-tests.patch:
    add patch to terminate gpg-agent processes after use
  * Terminate any further stray gpg-agent processes when running tests

 -- Simon McVittie <smcv@debian.org>  Wed, 07 Sep 2016 22:42:09 +0100

flatpak (0.6.8-1) unstable; urgency=medium

  * New upstream release
    - d/copyright: source files are now licensed as LGPL-2.1+
    - d/flatpak.install: install systemd snippet to configure dbus.service
      with flatpak in XDG_DATA_DIRS
    - d/control, d/rules: build-depend on xmlto and enable all documentation
    - d/flatpak.install: install documentation for the command-line tools,
      and i18n
    - d/p/dist/Add-flatpak-metadata.xml-from-upstream-git.patch:
      Add missing flatpak-metadata.xml from upstream git, which was not
      included in the released tarball
  * d/p/unrpm-prevent-shell-injection.patch: Avoid shell injection
    when building a Flatpak from an RPM
  * d/p/Wait-for-locks-in-TEST_DATA_DIR-to-be-released-before-del.patch:
    Drop patch, it does not appear to make testing pass on ci.debian.net
    as I had hoped
  * d/tests: mark test-extensions.sh to only be run in virtual machines,
    in the hope that when ci.debian.net gets a qemu runner, it will
    work there

 -- Simon McVittie <smcv@debian.org>  Tue, 02 Aug 2016 15:19:41 +0100

flatpak (0.6.7-2) unstable; urgency=medium

  * d/p/libtest-replace-dbus-launch-with-dbus-daemon.patch:
    Add patch to stop using dbus-launch in the tests
  * d/p/Wait-for-locks-in-TEST_DATA_DIR-to-be-released-before-del.patch:
    Add patch to avoid a race condition during testing between the
    container's "init" process shutting down, and libtest.sh proceeding
    with cleanup in response to the container's main process (which
    exits first) shutting down

 -- Simon McVittie <smcv@debian.org>  Thu, 28 Jul 2016 09:12:38 +0100

flatpak (0.6.7-1) unstable; urgency=medium

  * New upstream release
    - drop all patches except d/p/debian/*, applied upstream
    - d/libflatpak0.symbols: update for new ABIs
    - d/control: depend and build-depend on OSTree 2016.6
    - d/tests/control: flatpak-builder test now needs git
  * Depend on system bubblewrap (Closes: #824647)
  * Remove obsolete note about requiring unprivileged user namespaces
  * d/p/build-run-install-test-data-hook-even-if-using-system-bwr.patch:
    add patch to fix installed-tests with system bwrap

 -- Simon McVittie <smcv@debian.org>  Wed, 06 Jul 2016 12:45:03 +0100

flatpak (0.6.6-2) unstable; urgency=medium

  * d/flatpak.postrm: delete /var/lib/flatpak/.changed on purge, fixing
    piuparts error
  * d/p/test-basic-do-not-fail-in-non-English-locales.patch: fix FTBFS
    in non-English locales, for instance during reproducible build testing

 -- Simon McVittie <smcv@debian.org>  Tue, 28 Jun 2016 08:33:51 +0100

flatpak (0.6.6-1) unstable; urgency=medium

  * New upstream release
    - drop patches, applied upstream
    - d/libflatpak0.symbols: update
  * d/p/document-portal-don-t-reply-to-GetMountPoint-until-ready.patch:
    Add patch to make the document portal (and hence FUSE support)
    optional for "flatpak run"
  * d/p/tests-don-t-treat-helper-scripts-as-though-they-were-test.patch:
    Add patch to avoid non-test helper scripts being run as tests
  * d/p/Downgrade-failure-to-get-document-portal-from-warning-to-.patch:
    Add patch to avoid test failure when FUSE is unusable
  * d/p/Run-tests-with-a-private-XDG_RUNTIME_DIR.patch:
    Add patch to run tests with a private XDG_RUNTIME_DIR, so the
    document portal under test works correctly even if the user is
    already running one
  * d/p/debian/Try-gtk-3.0-version-of-the-icon-cache-utility-first.patch:
    bring back compatibility with gtk-update-icon-cache-3.0, for backports
    - d/control: libgtk-3-bin is an alternative to
      gtk-update-icon-cache again

 -- Simon McVittie <smcv@debian.org>  Sat, 25 Jun 2016 12:03:06 +0100

flatpak (0.6.5-1) unstable; urgency=medium

  * New upstream release
    - d/p/flatpak-run-don-t-fail-if-there-are-no-system-fonts.patch:
      drop, applied upstream
    - update symbols file for new ABI
  * d/p/Link-libselinux-into-bwrap-if-enabled-with-LDADD-not-LDFL.patch:
    make sure bwrap links even if the linker is pedantic
  * d/tests/gnome-desktop-testing: correctly report failures
  * d/tests/control: depend on ostree, used to export a Flatpak repository
    for testing
  * d/control: flatpak-builder Recommends binutils (for strip) and
    elfutils (for eu-strip), which can be invoked outside the sandbox
    by manifests that specify {'build-options': {'strip': true}}
    or {'build-options': {'no-debuginfo': true}}
  * d/p/sandbox-Make-var-tmp-and-tmp-different-dirs-not-symlinks.patch,
    d/p/test-run-don-t-use-test_builddir-to-exercise-filesystem.patch:
    add patches to make the installed-tests test-run.sh and
    test-run-system.sh pass with --prefix=/usr
  * Upload to unstable (LP: #1590411)

 -- Simon McVittie <smcv@debian.org>  Tue, 21 Jun 2016 10:22:13 +0100

flatpak (0.6.4-1) experimental; urgency=medium

  * New upstream release
    - d/p/Correctly-handle-with-privileged-group.patch: drop, no longer
      necessary
    - adjust packaging for new name and location of flatpak-bwrap
    - adjust packaging for new location of installed-tests
  * Unconditionally recommend gtk-update-icon-cache now that it's in
    testing
    - d/p/Try-gtk-3.0-version-of-the-icon-cache-utility-first.patch:
        drop, no longer necessary
  * d/control: update Homepage
  * d/copyright: update Source
  * tests: depend on attr, for setfattr, to get better test coverage
    (still skipped if /var/tmp on the testbed does not support xattrs)
  * d/p/flatpak-run-don-t-fail-if-there-are-no-system-fonts.patch:
    don't fail uses of flatpak-run or the builder test if the system
    has no fonts
  * debian/org.freedesktop.Flatpak.pkla: add an equivalent of the
    upstream JavaScript polkit rules (used by polkit >= 0.106),
    for use with polkit 0.105 as shipped in Debian. This allows members
    of group 'sudo' to install apps and runtimes into the system-wide
    location, from any remote that was previously added/trusted by a
    privileged user, without re-authenticating. (Closes: #825766)

 -- Simon McVittie <smcv@debian.org>  Sun, 05 Jun 2016 15:19:00 +0100

flatpak (0.6.2-1) experimental; urgency=medium

  * New upstream release
    - d/p/Treat-members-of-sudo-group-as-privileged.patch: drop,
      superseded by new --with-privileged-group option
    - d/p/Skip-tests-that-make-a-repository-if-var-tmp-lacks-user-x.patch:
      drop, merged upstream
  * Use new --with-privileged-group option to make "sudo" group privileged
    - d/p/Correctly-handle-with-privileged-group.patch: add post-release
      patch from upstream to make it work
    - drop hack to make admin group privileged on Ubuntu, they started to
      phase out that group in 2012
  * Build-depend on libdw-dev from src:elfutils instead of libdwarf-dev.
    Both provide dwarf.h, which is all we really need; libdw-dev is
    the one that is used in various important packages, including systemd.
    We also require src:elfutils anyway, for libelf-dev. (Closes: #825191)
  * debian/upstream/signing-key.asc: add
  * debian/gbp.conf: automatically merge upstream tag into imported source

 -- Simon McVittie <smcv@debian.org>  Tue, 24 May 2016 20:24:48 +0100

flatpak (0.6.1-1) experimental; urgency=medium

  * New upstream release
    - drop patches to bubblewrap, included in the submodule upstream
  * d/p/Try-gtk-3.0-version-of-the-icon-cache-utility-first.patch:
    add missing space between the tool's name and its --quiet argument
  * d/p/Treat-members-of-sudo-group-as-privileged.patch:
    use sudo, not wheel, as the group of administrative users
    - d/rules: alter the polkit policy on Ubuntu derivatives to treat
      the admin group as equivalent to sudo
  * d/rules: don't install bwrap setuid on Ubuntu. Ubuntu enables
    unprivileged user namespaces by default. (Closes: #825090)
  * d/p/Skip-tests-that-make-a-repository-if-var-tmp-lacks-user-x.patch:
    skip several tests if we can run bwrap, but cannot write extended
    attributes in /var/tmp, for example on an Ubuntu live system
  * Use dh_girepository to get correct ${gir:Depends}
  * Prefer gtk-update-icon-cache as provider of the binary of the same
    name, but still accept libgtk-3-bin for now, to be nice to backports

 -- Simon McVittie <smcv@debian.org>  Mon, 23 May 2016 23:06:50 +0100

flatpak (0.6.0-3) experimental; urgency=medium

  * Build-depend on procps, for /bin/kill (used in the tests).
    This fixes FTBFS in a more up-to-date buildd schroot.

 -- Simon McVittie <smcv@debian.org>  Sun, 22 May 2016 14:19:12 +0100

flatpak (0.6.0-2) experimental; urgency=medium

  * debian/flatpak.postinst: initialize /var/lib/flatpak/repo
    as requested by upstream
  * debian/flatpak.postrm: remove /var/lib/flatpak/repo on purge
  * Use dh-systemd to restart flatpak-system-helper on upgrades
  * debian/tests/control: flatpak-builder test requires make
  * Add patches from bubblewrap bug #71 to the embedded copy of bwrap,
    fixing flatpak-builder on the normal configuration of Debian kernels
  * Change patch for gtk-update-icon-cache-3.0 to fall back to
    gtk-update-icon-cache. This means it will still work when the
    Debian-specific gtk-update-icon-cache-3.0 name is dropped.

 -- Simon McVittie <smcv@debian.org>  Sat, 21 May 2016 22:57:49 +0100

flatpak (0.6.0-1) experimental; urgency=medium

  * Rename package from xdg-app to flatpak, following upstream rename
  * New upstream release
    - Remove patches, applied upstream
    - Add new build-dependency on libpolkit-gobject-1-dev
  * libflatpak-dev: depend on libflatpak0, not flatpak (Closes: #823328)
  * debian/copyright: update
  * Install bwrap (bubblewrap) helper tool setuid by default, so that
    the package works without further configuration (Closes: #823535)
    - note that an unreleased snapshot of bwrap is also available as
      src:bubblewrap; for now this package uses its bundled submodule,
      until we get a better idea of how closely these packages will
      need to track each other
  * Add autopkgtests for as-installed testing
  * Build-depend on dbus-x11: the tests explicitly use dbus-launch

 -- Simon McVittie <smcv@debian.org>  Wed, 04 May 2016 09:36:05 +0100

xdg-app (0.5.2-1) experimental; urgency=medium

  * New upstream release
  * debian/patches/install-Only-set-current-for-apps-not-for-runtimes.patch:
    remove, no longer necessary (and wasn't applied)
  * debian/gbp.conf: use DEP-14 branch names
  * Correct ITP bug number in previous changelog entry (was #697477,
    should have been #813308)
  * Don't build-depend on fuse. The test that uses fuse appears to fail on
    buildds, possibly because the kernel module is blacklisted; it should
    automatically be skipped when fuse isn't installed.
  * debian/gbp.conf: disable numbered patches, to reduce diff noise when
    they get applied upstream
  * d/p/session-helper-connect-the-D-Bus-and-systemd-services.patch:
    link the D-Bus session service to the systemd user service
  * Standards-Version: 3.9.8 (no changes needed)

 -- Simon McVittie <smcv@debian.org>  Mon, 25 Apr 2016 09:06:11 +0100

xdg-app (0.5.0-1) experimental; urgency=medium

  * Prepare package for Debian (Closes: #813308)
  * Set the Utopia Maintenance Team as maintainer, with myself and
    Matthias Klumpp as uploaders
  * Add Vcs-Git, Vcs-Browser (in collab-maint git)
  * Remove unnecessary use of dh-exec
  * Remove -dbg package, rely on automatic dbgsym packages instead
  * debian/.gitignore: add
  * debian/copyright: fill in all copyright holders
  * Normalize packaging via `wrap-and-sort -abst`
  * Adjust Section for the packages
  * Run the tests with VERBOSE=1
  * Install the new systemd user services
  * Run dh_install with --fail-missing to catch mistakes
  * Rename libxdgapp to the correct libxdg-app0 corresponding to
    libxdg-app.so.0
  * Rename libxdgapp-dev to libxdg-app-dev for consistency
  * Stop disabling the test that relies on FUSE; it is now correctly
    skipped if appropriate
  * Re-enable gtk-doc and add a libxdg-app-doc package
  * Add libxdg-app0.symbols
  * Add missing development dependencies
  * Set ${libexecdir} to /usr/lib/xdg-app, to avoid the toolchain getting
    confused by PIE executables in ${libexecdir} and treating them as
    incorrectly-named shared libraries
  * xdg-app-builder: reduce non-mandatory build tools to Recommends
  * xdg-app-builder: do not depend on tar, which is Essential
  * Fill in better values for Description
  * Depend on libpam-systemd (i.e. a working systemd-logind),
    because xdg-app currently relies on systemd to put user processes
    in cgroups
  * Run tests once via check-TESTS, but do not run them a second time
    via gtester, which fails because all test-cases in one test might
    be skipped
  * debian/control: document how to enable user namespaces
  * Only build for Linux: this package is specifically not portable

 -- Simon McVittie <smcv@debian.org>  Sat, 19 Mar 2016 18:08:53 +0000

xdg-app (0.5.0-0alexlarsson1~wily1) wily; urgency=medium

  * Update to new upstream version

 -- Alexander Larsson <alexander.larsson@gmail.com>  Wed, 16 Mar 2016 10:10:34 +0200

xdg-app (0.4.13-0alexlarsson3~vivid1) vivid; urgency=medium

  * Update to new upstream version

 -- Alexander Larsson <alexander.larsson@gmail.com>  Fri, 26 Feb 2016 10:12:00 +0200

xdg-app (0.4.12-0alexlarsson1~vivid1) vivid; urgency=medium

  * Update to new upstream version

 -- Alexander Larsson <alexander.larsson@gmail.com>  Fri, 19 Feb 2016 13:18:00 +0200

xdg-app (0.4.11-0alexlarsson1~vivid1) vivid; urgency=medium

  * Update to new upstream version

 -- Alexander Larsson <alexander.larsson@gmail.com>  Tue, 9 Feb 2016 12:25:00 +0200

xdg-app (0.4.10-0alexlarsson1~vivid1) vivid; urgency=medium

  * Update to new upstream version

 -- Alexander Larsson <alexander.larsson@gmail.com>  Tue, 9 Feb 2016 10:42:00 +0200

xdg-app (0.4.9-0alexlarsson1~vivid1) vivid; urgency=medium

  * Update to new upstream version

 -- Alexander Larsson <alexander.larsson@gmail.com>  Mon, 8 Feb 2016 15:15:00 +0200

xdg-app (0.4.7-alexlarsson1~vivid4) vivid; urgency=medium

  * Disabled gtk-doc

 -- Alexander Larsson <alexander.larsson@gmail.com>  Mon, 25 Jan 2016 11:15:00 +0200

xdg-app (0.4.7-alexlarsson1~vivid1) vivid; urgency=medium

  * New upstream release

 -- Alexander Larsson <alexander.larsson@gmail.com>  Mon, 25 Jan 2016 11:05:00 +0200

xdg-app (0.4.6-alexlarsson1~vivid2) vivid; urgency=medium

  * New upstream release

 -- Alexander Larsson <alexander.larsson@gmail.com>  Thu, 17 Dec 2015 11:05:00 +0200

xdg-app (0.4.5-alexlarsson1~vivid) vivid; urgency=medium

  * New upstream release

 -- Alexander Larsson <alexander.larsson@gmail.com>  Fri, 06 Nov 2015 15:41:00 +0200

xdg-app (0.4.4-alexlarsson1) vivid; urgency=medium

  * New upstream release

 -- Alexander Larsson <alexander.larsson@gmail.com>  Fri, 02 Oct 2015 10:01:55 +0200

xdg-app (0.4.3-alexlarsson5) vivid; urgency=medium

  * Really disable fuse tests

 -- Alexander Larsson <alexander.larsson@gmail.com>  Fri, 02 Oct 2015 09:20:53 +0200

xdg-app (0.4.3-alexlarsson4) vivid; urgency=medium

  * Remove fuse based tests, as they don't work in ppa build

 -- Alexander Larsson <alexander.larsson@gmail.com>  Fri, 02 Oct 2015 09:06:51 +0200

xdg-app (0.4.3-alexlarsson3) vivid; urgency=medium

  * Add fuse dependency

 -- Alexander Larsson <alexander.larsson@gmail.com>  Fri, 02 Oct 2015 08:48:48 +0200

xdg-app (0.4.3-alexlarsson2) vivid; urgency=medium

  * Add dbus dependency

 -- Alexander Larsson <alexander.larsson@gmail.com>  Fri, 02 Oct 2015 08:40:46 +0200

xdg-app (0.4.3-alexlarsson1) vivid; urgency=medium

  * New upstream release

 -- Alexander Larsson <alexander.larsson@gmail.com>  Thu, 01 Oct 2015 13:06:05 +0200

xdg-app (0.1-0amigadave4) trusty; urgency=low

  * Add build dependency on dh-exec.

 -- David King <amigadave@amigadave.com>  Wed, 08 Apr 2015 13:48:36 +0100

xdg-app (0.1-0amigadave3) trusty; urgency=low

  [ David King ]
  * Add build dependency on libattr1-dev.

 -- David King <amigadave@amigadave.com>  Wed, 08 Apr 2015 13:36:39 +0100

xdg-app (0.1-0amigadave2) trusty; urgency=low

  [ David King ]
  * Add build dependency on xsltproc.

 -- David King <amigadave@amigadave.com>  Wed, 08 Apr 2015 13:28:14 +0100

xdg-app (0.1-0amigadave1) trusty; urgency=low

  [ David King ]
  * Initial packaging.

 -- David King <amigadave@amigadave.com>  Thu, 02 Apr 2015 15:44:01 +0000