commit d9996c897e8cd2ffb5d7d8d3ad5016decdfa8201 Author: Matthias Clasen Date: Mon Aug 7 15:09:16 2017 -0400 3.25.90 M NEWS M configure.ac commit 4a4f2474d08c695933f75cb5e0bd0ba8550b4959 Author: Bastien Nocera Date: Sun Jul 30 17:29:59 2017 +0100 thumbnail: Don't try to setup seccomp when sandboxed Flatpak drops privileges very early in the sandbox setup phase which means that we don't have enough permissions to setup seccomp. It would be nice if we could still use seccomp to restrict even further, but that's not the case as of yet. M libgnome-desktop/gnome-desktop-thumbnail-script.c commit dda675941777a876c1e9b08f922de72d32e73273 Author: Jason Crain Date: Mon Jul 24 22:32:01 2017 -0500 Fix heap-use-after-free with duplicate xkb layouts Debian's gnome-control-center can crash when show-all-sources is enabled. When parse_end_element in gnome-xkb-info.c encounters duplicate layouts, it will free the memory for the first layout while it is still in a hash table. https://bugzilla.gnome.org/show_bug.cgi?id=785320 M libgnome-desktop/gnome-xkb-info.c commit a3c7ec852fe63b61fe0d90b60eea9587935815f8 Author: Pawan Chitrakar Date: Mon Jul 24 10:48:55 2017 +0000 Update Nepali translation M po/ne.po commit 5a4844bdab8171efe27c6b0f6a3cd338534a66fb Author: Bastien Nocera Date: Fri Jul 21 14:26:20 2017 +0200 thumbnail: Restrict thumbnailer syscalls using seccomp Use seccomp code from flatpak to limit the system calls thumbnailers can make, reducing the attach surface. https://bugzilla.gnome.org/show_bug.cgi?id=785197 M configure.ac M libgnome-desktop/gnome-desktop-thumbnail-script.c commit 8b1db18aa75c2684b513481088b4e289b5c8ed92 Author: Bastien Nocera Date: Fri Jul 21 13:08:43 2017 +0200 thumbnail: Sandbox thumbnailers on Linux On Linux systems, bubblewrap is now required to launch thumbnailers in a restricted environment. - Only /usr and the compilation ${prefix} of the gnome-desktop library will be available to the thumbnailer as read-only - The network is disabled - The filename of the file to thumbnail is hidden - Bubblewrap is not used if the application is already sandboxed in Flatpak as all privileges to create a new namespace are dropped when the initial one is created. https://bugzilla.gnome.org/show_bug.cgi?id=774497 M configure.ac M libgnome-desktop/gnome-desktop-thumbnail-script.c commit c1956f35bd1a9170e433d116f36e63d58b6ff826 Author: Bastien Nocera Date: Thu Jul 20 20:51:09 2017 +0200 thumbnail: Split off running the script Move most of the script command generation to a separate file, making the function return a GBytes from a successful thumbnailer run, so as to avoid having to clean up temporary files from the thumbnailer run. Note that it changes a few subtle things which shouldn't be a problem in practice, but, as a corner case, might have been used by applications: - Thumbnailers must output PNG images. pixbuf_new_from_bytes() could have been made more complicated to handle all images, and then we would restrict the thumbnailer output format separately, but it makes no sense to write complicated code to remove it in the next commit. - URIs which have no backing path are not supported. This will likely cause problems for thumbnailing remote shares on OSes which lack gvfsd-fuse. Support could be re-added in the future. https://bugzilla.gnome.org/show_bug.cgi?id=774497 M libgnome-desktop/Makefile.am A libgnome-desktop/gnome-desktop-thumbnail-script.c A libgnome-desktop/gnome-desktop-thumbnail-script.h M libgnome-desktop/gnome-desktop-thumbnail.c commit 3b298f60287e21578b523bfb3aa75360e35f9dd1 Author: Bastien Nocera Date: Wed Jul 19 02:04:01 2017 +0200 thumbnail: Remove TryExec element in thumbnailer definition It's really not that useful. If the thumbnailer definition is installed, then we expect the thumbnailer to be installed and functional. M libgnome-desktop/gnome-desktop-thumbnail.c commit 483ea2e736810f5b19f229ab68d979c4eb43a5ea Author: Bastien Nocera Date: Wed Jul 19 01:52:35 2017 +0200 thumbnail: Use an array to store the thumbnailer's cmdline Instead of a shell-quoted string, to make it easier to add new elements to this command-line. M libgnome-desktop/gnome-desktop-thumbnail.c commit a5188e5821b276e0572b9db4799b24f0993349c0 Author: Bastien Nocera Date: Wed Jul 12 18:17:58 2017 +0200 thumbnail: Use g_strcmp0() and remove a NULL check M libgnome-desktop/gnome-desktop-thumbnail.c commit 1c9cabf3accc02bab40c06d43acb2ea3688483b2 Author: Bastien Nocera Date: Tue Jul 11 11:15:45 2017 +0200 thumbnail: Simplify system includes M libgnome-desktop/gnome-desktop-thumbnail.c commit fdb6fd18da0535d1634f9d0cb6582d297181ec48 Author: Bastien Nocera Date: Tue Jul 11 11:13:20 2017 +0200 thumbnail: Fix typo in optional M libgnome-desktop/gnome-desktop-thumbnail.c commit 35f8fdb34423f3de324af44ee1bd37f46740ea93 Author: Bastien Nocera Date: Tue Jul 11 11:13:06 2017 +0200 thumbnail: Remove unused constant SECONDS_BETWEEN_STATS M libgnome-desktop/gnome-desktop-thumbnail.c commit b025840073b53befeb8145e6d36714c20d3207d4 Author: Bastien Nocera Date: Tue Jul 11 11:12:42 2017 +0200 thumbnail: Remove unused #define GDK_PIXBUF_ENABLE_BACKEND M libgnome-desktop/gnome-desktop-thumbnail.c commit a63a558588c5b3e5445c6ace3fa68854d3f49dcf Author: Bastien Nocera Date: Tue Jul 11 11:08:16 2017 +0200 thumbnail: Remove reference to GnomeIconFactory M libgnome-desktop/gnome-desktop-thumbnail.c commit a0702a2137c66b04953b91cfd49ce5c7e8414e8a Author: Bastien Nocera Date: Tue Jul 11 11:07:59 2017 +0200 thumbnail: Simplify init_thumbnailers_dirs() M libgnome-desktop/gnome-desktop-thumbnail.c commit e71723eabb37ef90d931f43621a63828b4a7d078 Author: Bastien Nocera Date: Tue Jul 11 10:40:33 2017 +0200 thumbnail: Remove trailing spaces M libgnome-desktop/gnome-desktop-thumbnail.c M libgnome-desktop/gnome-desktop-thumbnail.h commit 2bf09a04e3ebf91ab8375269acecd8f268766ffd Author: Bastien Nocera Date: Fri Jul 21 00:15:11 2017 +0200 build: Fix syntax highlighting in configure.ac M configure.ac commit dd5e3e48eb91042920dd35ba2cb7dd7959544084 Author: Matthias Clasen Date: Thu Jul 20 08:16:54 2017 -0400 Fix bug reference M NEWS