Flatpak 1.12 has recently appeared, the latest version of the software deployment utility responsible for managing the package format of the same name and offering a framework that allows applications to work universally, without initially depending on the distribution used. beyond Flatpak’s own usefulness.
Flatpak 1.12 brings a couple of important changes. The first is support for better control of sub-sandboxes. This feature was already being used by the Flatpak version of the Steam client, so the developers of the package format and its corresponding utility have decided to enhance it in order to make it easier to handle.
The second most important change is the correction of a vulnerability in which Flatpak applications with direct access to the AF_UNIX sockets, which are used by Wayland, PipeWire, and pipewire-pulse (allowing PipeWire to be compatible with the software it uses PulseAudio), “can trick portals and other host operating system services into treating the Flatpak application as if it were an ordinary non-sandboxed host system process.”
For the rest, we find that the translations have been updated, added support for the Flatpak binary to be used during exports, added the installation of translations for all languages from the regional settings, corrected the progress reports of Flatpak FSCK, added the ability to handle cases where ‘/var/tmp’ is a symbolic link, exposure of the file ‘/etc/gai.conf’ to the sandbox, fixed parental control checks for root, plus the ability to handle the absence of ‘/etc/ld.so.cache‘ with musl.
Flatpak 1.12 can be obtained in a simple way by updating a rolling release system such as Arch Linux, although possibly this type of distribution does not justify the use of this package format beyond its peculiarities. Ubuntu users have available a PPA maintained by Alex Larsson, lead developer of Flatpak, although the latest version supported is 20.04 LTS (Focal Fossa). Hopefully it will reach Fedora 35 and we will see if Fedora 34 too.
We remember that the Flatpak ecosystem is growing little by little, opening the door to being able to run the most recent versions of the applications even on a system apparently as limiting as Debian Stable. In fact, the good foot that Debian 11 Bullseye has started its journey with makes it a really very attractive system combined with Flatpak.