Description of problem: The Mageia Flatpak version is outdated, the current version in Mageia is 1.4.1 and the last version is 1.8.1. There are some applications that don't works fine, and I reported these bugs in respective sites. They have asked me wich flatpak version and operative system I have. When I have seen the flatpak version of Mageia, I have asked me..Could be that bugs be it by this version outdated? Version-Release number of selected component (if applicable): Mageia 7.1 and Flatpak 1.4.1 How reproducible: Install Flatpak and check the version Steps to Reproduce: 1. Install flatpak and check the version. 2. The current version in Mageia is 1.4.1 3. The version in official github site is 1.8.1
Thank you for the comment. You suspect that problems you are having with Flatpak might be due to our version being out of date. It looks as if it applies also to Cauldron, so changing the Version accordingly. flatpak-1.4.1-1.mga7.src.rpm flatpak-1.6.2-1.mga8.src.rpm Assigning to Neal, the package maintainer.
Version: 7 => CauldronAssignee: bugsquad => ngompa13Source RPM: Flatpak => flatpak-1.4.1-1.mga7.src.rpm, flatpak-1.6.2-1.mga8.src.rpmWhiteboard: (none) => MGA7TOO
Neal: I forgot to check who owns it. I'm updating it to 1.8.1 in Cauldron. There's a few new BuildRequires.
CC: (none) => olav
That's fine, Olav, but make sure you rebuild GNOME Software and Plasma Discover with the new libflatpak afterward, because despite the "stable" ABI for libflatpak, they tend to randomly crash and fail in odd ways if they aren't rebuilt against new libflatpak. This rule basically only matters when doing minor version upgrades, as patch versions are usually safe.
Oh, and all the portals need to be updated too, since they closely track the interfaces and behaviors of flatpak itself.
The KDE portal and Discover package has warnings not to rebuild it. Seems a bit silly, but I'm going to send a message to dev about that.
please go ahead with this change :-)
CC: (none) => mageia
Thanks! Also, sorry for being a bit harsh here about the instructions. When I linked to the bug I forgot how I wrote that.
Hi! Since Mageia 8 Beta 1, I have installed Discover and flatpak 1.8.1. I can confirm from here, that the problem I had with the applications: Spotify, Deltachat and Element, has been solved and now they work perfectly. So the bugs it reported are due to flatpak and its dependencies outdated I guess.
But if you want to use these applications or others without errors in Mageia 7 you will have to update it.
Related: do not forget Bug 25978 - Package flatpak-tests require flatpak-libs which does not exist
CC: (none) => fri
But, In Mageia 7 I haven't have problems with the flatpak instalation. The problem is that some applications no works fine because the flatpack version is outdated. I can confirm this, because in Mga8 I haven't this bug installing the same applications.
@Jose, Have you done $ flatpak update in order to update all Frameworks ? I haven't seen any error with Mageia 8b1. I haven't mga7 installed on any PC.
I have tried this, appears in konsole: [jose@localhost ~]$ flatpak update Looking for updates… GLib-GIO-Message: 16:36:37.895: Using the 'memory' GSettings backend. Your settings will not be saved or shared with other applications. Nothing to do. [jose@localhost ~]$ The apps Spotify and Element has been installed with discover and in Mageia 7 don't works. The same apps in Mageia 8 works fine installed from discover.
And doing flatpak update as root too?
Source RPM: flatpak-1.4.1-1.mga7.src.rpm, flatpak-1.6.2-1.mga8.src.rpm => flatpak-1.4.1-1.mga7.src.rpm
(In reply to Jose Manuel López from comment #13) > I have tried this, appears in konsole: > > [jose@localhost ~]$ flatpak update > Looking for updates… > GLib-GIO-Message: 16:36:37.895: Using the 'memory' GSettings backend. Your > settings will not be saved or shared with other applications. This message is odd. I'd expect dconf to be installed and working. Not sure if it's logical due to Flatpak. Normally it would causing all kinds of issues.
It updates here om a mga7, updated including updates testing repos. [morgan@svarten ~]$ flatpak update Looking for updates… ID Arch Gren Remote Hämta 1. [✓] org.freedesktop.Platform x86_64 19.08 flathub 9,6 MB / 238,5 MB 2. [✓] org.freedesktop.Platform.Locale x86_64 19.08 flathub 16,6 kB / 318,3 MB 3. [✓] org.signal.Signal x86_64 stable flathub 105,7 MB / 134,9 MB 4. [✓] org.kde.Platform x86_64 5.14 flathub 53,4 MB / 362,5 MB 5. [✓] org.freedesktop.Platform.GL.default x86_64 19.08 flathub 23,2 MB / 89,1 MB 6. [✓] org.freedesktop.Platform.GL.nvidia-430-64 x86_64 1.4 flathub 71,3 MB / 71,8 MB 7. [✓] org.kde.Platform.Locale x86_64 5.14 flathub 255,7 kB / 337,6 MB 8. [✓] org.qelectrotech.QElectroTech x86_64 master qet-devel 5,2 MB / 16,5 MB Updates complete. Info: org.gnome.Platform is end-of-life, with reason: The GNOME 3.32 runtime is no longer supported as of 11th March 2020. Please ask your application developer to migrate to a supported platform. Info: org.gnome.Platform.Locale is end-of-life, with reason: The GNOME 3.32 runtime is no longer supported as of 11th March 2020. Please ask your application developer to migrate to a supported platform. ID Arch Gren Remote Hämta 1. [✓] org.gnome.Platform x86_64 3.36 flathub 40,5 MB / 324,5 MB 2. [✓] org.gnome.Platform.Locale x86_64 3.36 flathub 88,0 kB / 323,0 MB 3. [✓] org.freedesktop.Platform.GL.default x86_64 19.08 flathub 23,2 MB / 89,1 MB Updates complete. Gotta go now. Will try Spotify later.
Installed spotify: seem to launch OK but silently (in double meaning ;) ) fail to play music. In termimnal from where i launched it: /app/extra/share/spotify/spotify: /app/lib/libcurl-gnutls.so.4: no version information available (required by /app/extra/share/spotify/spotify) /proc/self/exe: /app/lib/libcurl-gnutls.so.4: no version information available (required by /proc/self/exe)
I have already tried to do everything that is mentioned and the applications do not work in Mageia 7 and the current version of flatpak.
Same conclusion. Flatpak is broken in Mageia 7. Mageia 8 Cauldron is OK! therefore. This is same output trying launch Spotify in Mageia 7 (Install is ok). /app/extra/bin/spotify: /app/lib/libcurl-gnutls.so.4: no version information available (required by /app/extra/bin/spotify) Gtk-Message: 15:55:39.885: Failed to load module "canberra-gtk-module" /app/extra/share/spotify/spotify: /app/lib/libcurl-gnutls.so.4: no version information available (required by /app/extra/share/spotify/spotify) /proc/self/exe: /app/lib/libcurl-gnutls.so.4: no version information available (required by /proc/self/exe) /proc/self/exe: /app/lib/libcurl-gnutls.so.4: no version information available (required by /proc/self/exe) Seems there are outdated files. Flatpak 1.8 in M8 is OK. So please update or backport it for our users in M7.
Version: Cauldron => 7Target Milestone: --- => Mageia 7Whiteboard: MGA7TOO => Cauldron updated OKSeverity: normal => criticalPriority: Normal => High
Flatpak version of Spotify seems to not have access to Internet. It complains about Firewall blocking network or bad proxy settings. But even deactivate shorewall, it has no Internet access. Therefore, seems there is a bad permission issue, that should be resolved by updating flatpak.
Note that to open the firewall, the command to use is "shorewall clear", not stopping shorewall.
CC: (none) => davidwhodgins
Yeah Dave, I already did that way before stopping shorewall. It seems flatpak app can't have internet access, like if they don't have permission / right to do so.
See Also: (none) => https://bugs.mageia.org/show_bug.cgi?id=25544
Hi, This is High priority bug for a good reason. Making Mageia even better than ever is best direction. In order to do right thing, this bug should be examined and fixed as soon as possible. Packagers, please make the status to Assigned when you are working on this. Feel free to reassign the bug if bad-triaged. Also, if bug is old, please close it. On October 1st 2020, we will drop priority to normal.
In Mageia 8 it works properly, it will be necessary to evaluate whether it is corrected for Mageia 7 or already waited for it to leave the Mageia 8 cauldron.
FWIW, trying to install org.chromium.Chromium on mga7 results in: Error: org.chromium.Chromium needs a later flatpak version error: Failed to install org.chromium.Chromium: app/org.chromium.Chromium/x86_64/stable needs a later flatpak version (1.8.2)
CC: (none) => dan
Re comments 2-7, 15: @Olav, Neal That was all back in August. Any advance on this? It is clearly causing angst for Mageia 7 users, who will be around for some time yet.
On this day, M7 Plasma x86_64, fully updated. $ uname -a Linux localhost 5.9.16-desktop-1.mga7 #1 SMP Mon Dec 21 16:51:55 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ flatpak --version Flatpak 1.4.1 $ flatpak install com.spotify.client Looking for matches… Found similar ref(s) for ‘com.spotify.client’ in remote ‘flathub’ (system). Use this remote? [Y/n]: Found ref ‘app/com.spotify.Client/x86_64/stable’ in remote ‘flathub’ (system). Use this ref? [Y/n]: Skipping: com.spotify.Client/x86_64/stable is already installed [aurelien@localhost ~]$ [aurelien@localhost ~]$ flatpak run com.spotify.Client [aurelien@localhost ~]$ /app/extra/bin/spotify: /app/lib/libcurl-gnutls.so.4: no version information available (required by /app/extra/bin/spotify) [spotifywm] attached to spotify Gtk-Message: 16:51:08.593: Failed to load module "canberra-gtk-module" [spotifywm] spotify window found /app/extra/share/spotify/spotify: /app/lib/libcurl-gnutls.so.4: no version information available (required by /app/extra/share/spotify/spotify) /app/extra/share/spotify/spotify: /app/lib/libcurl-gnutls.so.4: no version information available (required by /app/extra/share/spotify/spotify) [spotifywm] attached to spotify [spotifywm] attached to spotify [spotifywm] spotify window found /proc/self/exe: /app/lib/libcurl-gnutls.so.4: no version information available (required by /proc/self/exe) [spotifywm] spotify window found [spotifywm] attached to spotify [spotifywm] spotify window found [spotifywm] spotify window found Connecting to my Spotify account is OK! and I'm able to listen to music. So, I imagine a fix somewhere in spotify app or under-the-hood frameworks. Also: $ flatpak install flathub im.riot.Riot Looking for matches… im.riot.Riot permissions: ipc network pulseaudio x11 devices file access [1] dbus access [2] bus ownership [3] [1] xdg-download, xdg-run/keyring [2] org.freedesktop.Notifications, org.freedesktop.portal.Fcitx, org.kde.StatusNotifierWatcher [3] org.kde.StatusNotifierItem-2-1 ID Arch Branch Remote Download 1. [✓] im.riot.Riot x86_64 stable flathub 95,1 MB / 95,2 MB Installation complete. [aurelien@localhost ~]$ flatpak run im.riot.Riot /home/aurelien/.var/app/im.riot.Riot/config/Element exists: no /home/aurelien/.var/app/im.riot.Riot/config/Riot exists: no Gtk-Message: 17:05:29.911: Failed to load module "canberra-gtk-module" Starting auto update with base URL: https://packages.riot.im/desktop/update/ Auto update not supported on this platform Error getting the event index passphrase out of the secret store [Error: org.freedesktop.DBus.Error.ServiceUnknown] this correctly launches element matrix IRC client. BUT true about chromium. $ flatpak install flathub org.chromium.Chromium Looking for matches… org.chromium.Chromium permissions: ipc network cups pulseaudio wayland x11 devices file access [1] dbus access [2] bus ownership [3] system dbus access [4] [1] home, xdg-run/pipewire-0 [2] org.freedesktop.FileManager1, org.freedesktop.Notifications, org.freedesktop.secrets, org.gnome.SessionManager [3] org.mpris.MediaPlayer2.chromium.* [4] org.freedesktop.Avahi, org.freedesktop.UPower ID Arch Branch Remote Download 1. [✗] org.chromium.Chromium x86_64 stable flathub < 102,8 MB 2. [ ] org.chromium.Chromium.Codecs x86_64 stable flathub < 1,1 MB 3. [ ] org.chromium.Chromium.Locale x86_64 stable flathub < 113,6 kB (partial) Error: org.chromium.Chromium needs a later flatpak version error: Failed to install org.chromium.Chromium: app/org.chromium.Chromium/x86_64/stable needs a later flatpak version (1.8.2) So, for M7 we need an updated version.
CC: (none) => ouaurelien
Note that Cauldron/M8 has 1.8.1 version. https://github.com/flatpak/flatpak/releases: - 1.8.4 is available - 1.9.3 (pre 1.10.0) release also with many fix.
Target Milestone: Mageia 7 => Mageia 8Source RPM: flatpak-1.4.1-1.mga7.src.rpm => flatpak-1.8.1-1.mga8.src.rpmStatus comment: (none) => flatpak-1.4.1-1.mga7.src.rpmWhiteboard: Cauldron updated OK => MGA7TOOVersion: 7 => Cauldron
I pushed flatpak 1.8.5 (up from 1.8.1) in Cauldron as it fixes atleast one security issue) https://github.com/flatpak/flatpak/releases/tag/1.8.5
Any 1.8.5 for mga7 testing? Is it too late to evaluate latest stable 1.10.0 in cauldron? (which also includes the security fixes) - I suggest to put in i.e cauldron backport until tested OK
I'm not flatpak maintainer, and the update is done from the last stable branch... and switching to a new ".0" at this point is not really wise as it can/will affect several packages with no idea of how much will break... -- Thomas
QA Contact: (none) => securityTarget Milestone: Mageia 8 => ---Priority: High => NormalVersion: Cauldron => 7Whiteboard: MGA7TOO => (none)Severity: critical => majorSummary: Flatpak package is outdated => flatpak new security issue fixed upstream in 1.8.5Status comment: flatpak-1.4.1-1.mga7.src.rpm => Fixed upstream in 1.8.5Component: RPM Packages => SecuritySource RPM: flatpak-1.8.1-1.mga8.src.rpm => flatpak-1.4.1-1.mga7.src.rpm
I will be updating to 1.10.0 because we need support for the new metadata format. I don't know how long older clients will stay working, so changing to the new stable series is important.
(In reply to Thomas Backlund from comment #31) > switching to a new ".0" at this point ".0" versions normally itches me too, but 1.9 series was the "beta" series, so this is potentially much better off than several other softwares ".0" releases. 1.10 is the new stable and as Neal say, we need to support new software needing this. And for mga7 we need 1.8.5 (at lest for the security fix)
Debian has issued an advisory for this on January 14: https://www.debian.org/security/2021/dsa-4830
Upstream advisory with CVE: https://github.com/flatpak/flatpak/security/advisories/GHSA-4ppf-fxf6-vxg2
Summary: flatpak new security issue fixed upstream in 1.8.5 => flatpak new security issue fixed upstream in 1.8.5 (CVE-2021-21261)
(In reply to Neal Gompa from comment #32) > I will be updating to 1.10.0 because we need support for the new metadata > format. I don't know how long older clients will stay working, so changing > to the new stable series is important. Can you prepare is ASAP for Cauldron then so we hopefully can handle of the fallout before Mageia 8 is released.
Fedora has issued an advisory for this on January 19: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/2K2Q5P4IIUN2SFJKQKB4UJQ37CE2E55K/
Hi, This remain unresolved. We are about to see the release of Mageia 8, so we should consider this bug obsolete since it seems that this application will not be updated in Mageia 7? In Mageia 8 flatpak works fine and is updated. Greetings!!
Releasing Mageia 8 does not immediately end support for Mageia 7. Bugs still need to be fixed.
FWIW, Yesterday on my wifes mga7 laptop using flatpak 1.4.1 $ flatpak update updated itself without error, and also updated spotify: Spotify now works (failed a half year ago) Then I also successfully installed and used Zoom.
instead of patching, can we update flatpak ?
Depends on: (none) => 28575
We may have to now, given Bug 28575.
(In reply to Nicolas Lécureuil from comment #41) > instead of patching, can we update flatpak ? From https://wiki.mageia.org/en/Updates_policy#Version_Policy exceptions include "Software versions that are no longer supported upstream". We also allow it for leaf packages if patching is "too much work", provided the new version does not require user interaction to make it work such as changing config file formats, cause regressions in functionality, dropping features, etc. and has no impact on other packages such as changing an api for a lib shared with other packages (i.e. is not a leaf package). Those types of exceptions are decided on a case by case basis.
src: - mageia 7: - libglib-testing-0.1.0-2.mga7 - appstream-glib-0.7.15-1.mga7 - ... ( more to come )
src: - mageia 7: - libglib-testing-0.1.0-2.mga7 - appstream-glib-0.7.15-1.mga7 - malcontent-0.9.0-1.mga7 - bubblewrap-0.4.1-1.mga7 - ostree-2020.8-1.mga7 - flatpak-1.10.2-1.mga7 ( to be built )
src: - mageia 7: - libglib-testing-0.1.0-2.mga7 - appstream-glib-0.7.15-1.mga7 - malcontent-0.9.0-2.mga7 - bubblewrap-0.4.1-1.mga7 - ostree-2020.8-1.mga7 - flatpak-1.10.2-1.mga7 need to be done: - Rebuild some deps ( discover, gnome software, etc ).
deps rebuilded: gnome-software-3.32.2-2.1.mga7 discover-5.15.4-2.2.mga7
This update provide a new version of flatpak fixing numerous CVE. In addition it fixes: https://bugs.mageia.org/show_bug.cgi?id=28575 https://bugs.mageia.org/show_bug.cgi?id=25978 src: - mageia 7: - libglib-testing-0.1.0-2.mga7 - appstream-glib-0.7.15-1.mga7 - malcontent-0.9.0-2.mga7 - bubblewrap-0.4.1-1.mga7 - ostree-2020.8-1.mga7 - flatpak-1.10.2-1.mga7 - gnome-software-3.32.2-2.1.mga7 - discover-5.15.4-2.2.mga7
Status comment: Fixed upstream in 1.8.5 => (none)Assignee: ngompa13 => qa-bugs
Thank you for the big leap update, Nicolas! In short, it just works. System: mga7-64 Plasma In my test below Spotify flatpak worked before and right after the updates. It had some problem after running "flatpak update" but that is a flatpak/Spotify issue. After retrying twice it worked. May have been enough with reboot i dont know. I believe that is not our fault. There is one issue with both Spotify and Flameshot (which render Flameshot unusable): No icon in system tray ! But this is no regression; it was so also before, so I would say the update is OK. But that begs a question: If that can be improved so the icons show up in system tray. Or is it just a problem on my system? I curently have no mga8 system to compare to. I have not tried gnome-software nor Plasma Discover, i have never used them. ===================Details=============== ___Updated___ Updated: - appstream-glib-i18n-0.7.15-1.mga7.noarch - bubblewrap-0.4.1-1.mga7.x86_64 - discover-5.15.4-2.2.mga7.x86_64 - flatpak-1.10.2-1.mga7.x86_64 - lib64appstream-glib8-0.7.15-1.mga7.x86_64 - lib64flatpak-gir1.0-1.10.2-1.mga7.x86_64 - lib64flatpak0-1.10.2-1.mga7.x86_64 - lib64malcontent-gir0-0.9.0-2.mga7.x86_64 - lib64malcontent0-0.9.0-2.mga7.x86_64 - lib64ostree1-2020.8-1.mga7.x86_64 - malcontent-0.9.0-2.mga7.x86_64 - malcontent-i18n-0.9.0-2.mga7.noarch - ostree-2020.8-1.mga7.x86_64 $ flatpak --version Flatpak 1.10.2 ___Test_Spotify___ $ flatpak run com.spotify.Client /app/extra/bin/spotify: /app/lib/libcurl-gnutls.so.4: no version information available (required by /app/extra/bin/spotify) [morgan@svarten ~]$ [spotifywm] attached to spotify Gtk-Message: 09:54:52.908: Failed to load module "canberra-gtk-module" [spotifywm] spotify window found /app/extra/share/spotify/spotify: /app/lib/libcurl-gnutls.so.4: no version information available (required by /app/extra/share/spotify/spotify) /app/extra/share/spotify/spotify: /app/lib/libcurl-gnutls.so.4: no version information available (required by /app/extra/share/spotify/spotify) [spotifywm] attached to spotify [spotifywm] attached to spotify /proc/self/exe: /app/lib/libcurl-gnutls.so.4: no version information available (required by /proc/self/exe) [spotifywm] attached to spotify [spotifywm] spotify window found [spotifywm] spotify window found Still works :) worked also in previous Flatpak version last month, but not a half year ago. When I close Spotify window, it vanishes, not in system tray either, but cursor did not return in konsole, have to Ctrl-C. (I forgot to check running processes) This is like before the update. ___Flatpak internal updating___ $ flatpak update Looking for updates… ID Gren Op Fjärr Hämta 1. [✓] org.freedesktop.Platform.GL.nvidia-430-64 1.4 u flathub 71,3 MB / 71,8 MB 2. [✓] org.freedesktop.Platform.GL.nvidia-450-57 1.4 u flathub 101,1 MB / 101,5 MB 3. [✓] org.freedesktop.Platform.GL.nvidia-460-56 1.4 u flathub 133,3 MB / 133,7 MB 4. [✓] org.kde.Platform.Locale 5.15 u flathub 24,4 kB / 341,6 MB 5. [✓] org.kde.Platform 5.15 u flathub 21,0 MB / 365,3 MB 6. [✓] org.qelectrotech.QElectroTech master u qet-devel 3,6 MB / 16,8 MB Updates complete. Info: org.gnome.Platform//3.32 is end-of-life, with reason: The GNOME 3.32 runtime is no longer supported as of 11th March 2020. Please ask your application developer to migrate to a supported platform. ID Gren Op Fjärr Hämta 1. [✓] org.freedesktop.Platform.GL.nvidia-430-64 1.4 u flathub 71,3 MB / 71,8 MB 2. [✓] org.freedesktop.Platform.GL.nvidia-450-57 1.4 u flathub 101,1 MB / 101,5 MB 3. [✓] org.freedesktop.Platform.GL.nvidia-460-56 1.4 u flathub 133,3 MB / 133,7 MB 4. [✓] org.kde.Platform.Locale 5.15 u flathub 24,4 kB / 341,6 MB 5. [✓] org.kde.Platform 5.15 u flathub 21,0 MB / 365,3 MB 6. [✓] org.flameshot.Flameshot stable u flathub 636,7 kB / 780,7 kB 7. [-] org.gnome.Platform.Locale 3.32 r 8. [-] org.gnome.Platform 3.32 r Changes complete. ___Test_again_Spotify___ $ flatpak run com.spotify.Client [morgan@svarten ~]$ /app/extra/bin/spotify: /app/lib/libcurl-gnutls.so.4: no version information available (required by /app/extra/bin/spotify) [spotifywm] attached to spotify Gtk-Message: 10:02:04.853: Failed to load module "canberra-gtk-module" [spotifywm] spotify window found /app/extra/share/spotify/spotify: /app/lib/libcurl-gnutls.so.4: no version information available (required by /app/extra/share/spotify/spotify) /app/extra/share/spotify/spotify: /app/lib/libcurl-gnutls.so.4: no version information available (required by /app/extra/share/spotify/spotify) [spotifywm] attached to spotify [spotifywm] attached to spotify /proc/self/exe: /app/lib/libcurl-gnutls.so.4: no version information available (required by /proc/self/exe) [spotifywm] spotify window found [0311/100205.118364:FATAL:gpu_data_manager_impl_private.cc(442)] GPU process isn't usable. Goodbye. [spotifywm] attached to spotify I find no spotify window... Ctrl-C and relaunch -> Now spotify window shows up, completely black :( In journal I see: mar 11 10:07:58 svarten.tribun systemd[7420]: Started app-flatpak-com.spotify.Client-25866.scope. mar 11 10:07:58 svarten.tribun kernel: traps: spotify[25952] trap int3 ip:7f1a899ec3d2 sp:7fff85efcee0 error:0 in libcef.so[7f1a872da000+75cd000] Again close window and Ctrl-C again. Relaunching: Now Spotyfy works :) ___Test_Flameshot___ $ flatpak run org.flameshot.Flameshot QSettings::value: Empty key passed QSettings::value: Empty key passed QSettings::setValue: Empty key passed QSettings::value: Empty key passed QSettings::setValue: Empty key passed It shows briefly a popup telling to use the icon in system tray, but like with Spotify there is none. I dont know if it can be used any other way, have not checked... Exit by Ctrl-C in Konsole where i launched it from. I normally use an Appimage of elder Flameshot (the new one dont work), but shut that down before flatpak Flameshot tests.
Also now tested OK: $ flatpak run org.qelectrotech.QElectroTech No issue whatsoever, except printing dialogue do not show any printer. I dont know it that ever worked or is supposed to. Export to pdf succeed and is what I use.
Icons in system tray: Seem to be OK after reboot (for other reasons) At least Spotify icon now works. Flameshot icon is not visible but "appears" like an empty space between two other icons and right and leftclicking there works as intended. It is just invisible... So possible a Flameshot issue.
Blocks: (none) => 28581
Actual RPMs list for this update (discover is not, it is in Bug 28581). libglib-testing0-0.1.0-2.mga7 libglib-testing-devel-0.1.0-2.mga7 appstream-util-0.7.15-1.mga7 libappstream-glib8-0.7.15-1.mga7 libappstream-glib-gir1.0-0.7.15-1.mga7 libappstream-glib-devel-0.7.15-1.mga7 appstream-glib-i18n-0.7.15-1.mga7 malcontent-0.9.0-2.mga7 malcontent-i18n-0.9.0-2.mga7 libmalcontent0-0.9.0-2.mga7 libmalcontent-devel-0.9.0-2.mga7 libmalcontent-gir0-0.9.0-2.mga7 bubblewrap-0.4.1-1.mga7 ostree-2020.8-1.mga7 libostree1-2020.8-1.mga7 libostree-devel-2020.8-1.mga7 libostree-gir1.0-2020.8-1.mga7 ostree-grub2-2020.8-1.mga7 ostree-tests-2020.8-1.mga7 flatpak-1.10.2-1.mga7 libflatpak-devel-1.10.2-1.mga7 libflatpak0-1.10.2-1.mga7 libflatpak-gir1.0-1.10.2-1.mga7 gnome-software-3.32.2-2.1.mga7 gnome-software-devel-3.32.2-2.1.mga7 gnome-software-editor-3.32.2-2.1.mga7 from SRPMS: libglib-testing-0.1.0-2.mga7.src.rpm appstream-glib-0.7.15-1.mga7.src.rpm malcontent-0.9.0-2.mga7.src.rpm bubblewrap-0.4.1-1.mga7.src.rpm ostree-2020.8-1.mga7.src.rpm flatpak-1.10.2-1.mga7.src.rpm gnome-software-3.32.2-2.1.mga7.src.rpm
Advisory: ======================== Updated flatpak packages fix security vulnerabilities: Sandbox escape where a malicious application can execute code outside the sandbox by controlling the environment of the "flatpak run" command when spawning a sub-sandbox (CVE-2021-21261). A potential attack where a flatpak application could use custom formatted .desktop files to gain access to files on the host system (CVE-2021-21381). The update also removes the unnecessary flatpak-tests subpackage. References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21261 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21381 https://github.com/flatpak/flatpak/security/advisories/GHSA-4ppf-fxf6-vxg2 https://github.com/flatpak/flatpak/security/advisories/GHSA-xgh4-387p-hqpp https://github.com/flatpak/flatpak/issues/4146 https://github.com/flatpak/flatpak/releases https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/2K2Q5P4IIUN2SFJKQKB4UJQ37CE2E55K/ https://bugs.mageia.org/show_bug.cgi?id=25978 https://bugs.mageia.org/show_bug.cgi?id=28575 https://bugs.mageia.org/show_bug.cgi?id=28575
Blocks: (none) => 25978
Tested Flatpak with VM MGA7 Gnome 5.10.20-desktop-2.mga7 Updated with : libglib-testing0-0.1.0-2.mga7 libglib-testing-devel-0.1.0-2.mga7 appstream-util-0.7.15-1.mga7 libappstream-glib8-0.7.15-1.mga7 libappstream-glib-gir1.0-0.7.15-1.mga7 libappstream-glib-devel-0.7.15-1.mga7 appstream-glib-i18n-0.7.15-1.mga7 malcontent-0.9.0-2.mga7 malcontent-i18n-0.9.0-2.mga7 libmalcontent0-0.9.0-2.mga7 libmalcontent-devel-0.9.0-2.mga7 libmalcontent-gir0-0.9.0-2.mga7 bubblewrap-0.4.1-1.mga7 ostree-2020.8-1.mga7 libostree1-2020.8-1.mga7 libostree-devel-2020.8-1.mga7 libostree-gir1.0-2020.8-1.mga7 ostree-grub2-2020.8-1.mga7 ostree-tests-2020.8-1.mga7 flatpak-1.10.2-1.mga7 libflatpak-devel-1.10.2-1.mga7 libflatpak0-1.10.2-1.mga7 libflatpak-gir1.0-1.10.2-1.mga7 gnome-software-3.32.2-2.1.mga7 gnome-software-devel-3.32.2-2.1.mga7 gnome-software-editor-3.32.2-2.1.mga7 Updated without error message. Flatpak install signal software correctly: $flatpak install signal Looking for matches… Found similar ref(s) for ‘signal’ in remote ‘flathub’ (system). Use this remote? [Y/n]: y Found ref ‘app/org.signal.Signal/x86_64/stable’ in remote ‘flathub’ (system). Use this ref? [Y/n]: y Required runtime for org.signal.Signal/x86_64/stable (runtime/org.freedesktop.Platform/x86_64/20.08) found in remote flathub Do you want to install it? [Y/n]: y org.signal.Signal permissions: ipc network pulseaudio x11 devices file access [1] dbus access [2] bus ownership [3] [1] xdg-desktop, xdg-documents, xdg-download, xdg-music, xdg-pictures, xdg-public-share, xdg-videos [2] org.freedesktop.Notifications, org.kde.StatusNotifierWatcher [3] org.kde.StatusNotifierItem-2-1 ID Branch Op Remote Download 1. [✓] org.freedesktop.Platform.GL.default 20.08 i flathub 95,3 MB / 95,9 MB 2. [✓] org.freedesktop.Platform.Locale 20.08 i flathub 5,9 MB / 322,2 MB 3. [✓] org.freedesktop.Platform.openh264 2.0 i flathub 1,5 MB / 1,5 MB 4. [✓] org.freedesktop.Platform 20.08 i flathub 222,3 MB / 267,7 MB 5. [✓] org.signal.Signal stable i flathub 144,3 MB / 146,9 MB Installation complete. Signal works correctly Install ELement software witn Gnome-software 3.32.2 Install is OK and Element works but can't contact my private server
CC: (none) => guillaume.royer
Already tested CVE-2021-21381 for M8. CVE-2021-21261 does not have an immediate PoC. Meanwhile, this installs OK on M7 x86_64 Plasma. flatpak usage is OK. Give this an OK. Validating. Advisory committed to SVN.
CVE: (none) => CVE-2021-21261, CVE-2021-21381Keywords: (none) => advisory, validated_updateWhiteboard: (none) => MGA7-64-OKSummary: flatpak new security issue fixed upstream in 1.8.5 (CVE-2021-21261) => flatpak new security issue fixed upstream in 1.8.5 (CVE-2021-21261, CVE-2021-21381)CC: (none) => sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2021-0143.html
Status: NEW => RESOLVEDResolution: (none) => FIXED