![]() ![]() The container's /usr is a "runtime" chosen to match the app, which can be any distribution, but is usually based on a reference runtime called "" provided by the freedesktop-sdk project. However, it would (I think) continue to be a problem for Flatpak runtimes based on other sources of packages, for example based on Debian 10, or for other containerization frameworks that try to do a similar thing.įor context, if you don't know Flatpak: it's an app containerization framework, which runs a user-facing app like Steam or Spotify in a container. The maintainers of the freedesktop-sdk () base Flatpak runtime seem to be addressing this by upgrading the version inside the runtime to p11-kit 0.23.19, which means this will not be reproducible with newer versions of that runtime, or runtimes like that are based on it. ![]() In particular this affects anything that uses GNUTLS, notably the GNOME stack. More specifically, it breaks certificate trust in libraries and applications inside the runtime if they are linked to p11-kit older than 0.23.19. Distributions that have upgraded to p11-kit 0.23.19 have found that it breaks various Flatpak apps, including Steam and Spotify. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |