flatpak 1.10.8 Security fixes: * Escape special characters when displaying permissions and metadata, preventing malicious apps from manipulating the appearance of the permissions list using crafted metadata (CVE-2023-28101). * If a Flatpak app is run on a Linux virtual console (tty1, tty2, etc.), don't allow copy/paste via the TIOCLINUX ioctl (CVE-2023-28100). Note that this is specific to virtual consoles: Flatpak is not vulnerable to this if run from a graphical terminal emulator such as xterm, gnome-terminal or Konsole. Other bug fixes: * If an app update is blocked by parental controls policies, clean up the temporary deploy directory (#5146) * Fix Autotools build with versions of gpgme that no longer provide gpgme-config(1) (#5173) * Fix regressions in `flatpak history` since 1.9.1 - Don't display the appstream branch used internally - Don't display temporary repositories used internally - Ignore transaction log entries with empty REF field - Warn instead of failing if other non-app, non-runtime refs are found - Don't set up an unnecessary polkit agent for `flatpak history` - Add test coverage * Fix a typo in an error message * Fix incorrect year in NEWS for 1.10.7 release * Translation update: pl * Add test coverage for Flatpak's seccomp filters Git-EVTag-v0-SHA512: 8962500582d542dbbc332ba8fe43866bf57f7d18873edba13dfdc83e7eeb67bb4ed4f0d3688f6978cbfad80709ebdfc0f03826b873027936b259f1b1fd0da2f5