** Changed in: flatpak (Ubuntu)
Status: New => Incomplete
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1812456
Title:
[MIR] libflatpak0
To manage notifications about this bug go to:
https:/
tl;dr; Flatpak currently considers remotes as trusted, so after you have
added one with a password at system level, you don't need a password to
install apps for that remote.
I don't about how polkit rules work, but this is just a comment
describing what happens from a user perspective with flatpa
I reviewed flatpak 1.10.2-1ubuntu1 as checked into hirsute. This shouldn't be
considered a full audit but rather a quick gauge of maintainability.
flatpak is an application packaging and sandbox tool.
- CVE History:
we have six cves in our database, they appear to have been handled well,
qui
There's something from the polkit rules that worries me. I don't think
we want the rules to be this open. Could someone more conversant with
polkit rules give them a read and report back if this is something we
really want?
Something that specifically worried me:
- Normal users need adm
[Summary]
ACK from the MIR team.
This does need a security review, so I'll assign ubuntu-security list specific
binary packages to be promoted to main
[Duplication]
There is no other package in main providing the same functionality.
[Dependencies]
- no other Dependencies to MIR due to this apart
The right team is subscribed now
** Changed in: flatpak (Ubuntu)
Status: Incomplete => New
** Changed in: flatpak (Ubuntu)
Assignee: (unassigned) => Didier Roche (didrocks)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
Setting as incomplete until getting more information, feel free to
reassign once ready.
** Changed in: flatpak (Ubuntu)
Status: New => Incomplete
** Changed in: flatpak (Ubuntu)
Assignee: Didier Roche (didrocks) => (unassigned)
--
You received this bug notification because you are a
Missing team subscription: can you ensure desktop-packages is subscribed
before analyzing the MIR please?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1812456
Title:
[MIR] libflatpak0
To manage no
** Changed in: flatpak (Ubuntu)
Assignee: (unassigned) => Didier Roche (didrocks)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1812456
Title:
[MIR] libflatpak0
To manage notifications about t
** Description changed:
Many applications have Flatpak integration using libflatpak. The Ubuntu
desktop team would like libflatpak0 in main so we can easily build such
applications. It takes a lot of work to make these dependencies optional
and sometimes that is not possible. We don't need
** Description changed:
- Scope
- =
- This MIR is only for libflatpk0 and its related binaries (libflatpak-dev,
libflatpak-doc and gir1.2-flatpak-1.0). The flatpak binary itself and
flatpak-tests will remain in universe.
+ Many applications have Flatpak integration using libflatpak. The Ubun
11 matches
Mail list logo
