4 changed files with 363 additions and 72 deletions
--- a/.flatpak.metadata
+++ b/.flatpak.metadata
@ -1 +1 @@
-5f93e0a445a2e0088f114c2e2a192ce7a98faae2 SOURCES/flatpak-1.10.7.tar.xz
+aadb61d0d67fa6bc4a3cbe54b0acfb78403a5cd1 SOURCES/flatpak-1.12.8.tar.xz
--- a/.gitignore
+++ b/.gitignore
@ -1 +1 @@
-SOURCES/flatpak-1.10.7.tar.xz
+SOURCES/flatpak-1.12.8.tar.xz
--- a/SOURCES/flatpak-dir-Use-SHA256-not-SHA1-to-name-the-cache-for-a-filt.patch
+++ b/SOURCES/flatpak-dir-Use-SHA256-not-SHA1-to-name-the-cache-for-a-filt.patch
@ -0,0 +1,38 @@
+From 7dd160f33054863b1ea6f75ac279a42121a16430 Mon Sep 17 00:00:00 2001
+From: Debarshi Ray <debarshir@gnome.org>
+Date: Mon, 31 Jan 2022 21:17:29 +0100
+Subject: [PATCH] dir: Use SHA256, not SHA1, to name the cache for a filtered
+ remote
+
+SHA1 hashes are considered weak these days. Some distributions have
+static analysis tools to detect the use of such weak hashes, and they
+get triggered by flatpak. While this particular use of SHA1 in flatpak
+is likely not security sensitive, it's also easy to move to SHA256 to
+avoid any debate.
+
+Here, the SHA1 hash of a named remote's filter file is used to generate
+the name of the directory where the refs from that remote are cached.
+One can reasonably assume that the cache is frequently invalidated
+because the list of refs on the remote changes all the time. Hence,
+it's not big problem if it gets invalidated once more because of this
+change.
+---
+ common/flatpak-dir.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/common/flatpak-dir.c b/common/flatpak-dir.c
+index 18384bd432fc..c6d08e85b41f 100644
+--- a/common/flatpak-dir.c
+++ b/common/flatpak-dir.c
+@@ -10923,7 +10923,7 @@ remote_filter_load (GFile *path, GError **error)
+     }
+ 
+   filter = g_new0 (RemoteFilter, 1);
+-  filter->checksum = g_compute_checksum_for_data (G_CHECKSUM_SHA1, (guchar *)data, data_size);
+  filter->checksum = g_compute_checksum_for_data (G_CHECKSUM_SHA256, (guchar *)data, data_size);
+   filter->path = g_object_ref (path);
+   filter->mtime = mtime;
+   filter->last_mtime_check = g_get_monotonic_time ();
+-- 
+2.34.1
+
--- a/SPECS/flatpak.spec
+++ b/SPECS/flatpak.spec
@ -2,7 +2,7 @@
 %global ostree_version 2020.8

 Name:           flatpak
-Version:        1.10.7
+Version:        1.12.8
 Release:        1%{?dist}
 Summary:        Application deployment framework for desktop apps

@ -10,12 +10,21 @@ License:        LGPLv2+
 URL:            http://flatpak.org/
 Source0:        https://github.com/flatpak/flatpak/releases/download/%{version}/%{name}-%{version}.tar.xz

+%if 0%{?fedora}
+# Add Fedora flatpak repositories
+Source1:        flatpak-add-fedora-repos.service
+%endif
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=1935508
+Patch0:         flatpak-dir-Use-SHA256-not-SHA1-to-name-the-cache-for-a-filt.patch
+
 BuildRequires:  pkgconfig(appstream-glib)
 BuildRequires:  pkgconfig(dconf)
 BuildRequires:  pkgconfig(fuse)
 BuildRequires:  pkgconfig(gdk-pixbuf-2.0)
 BuildRequires:  pkgconfig(gio-unix-2.0)
 BuildRequires:  pkgconfig(gobject-introspection-1.0) >= 1.40.0
+BuildRequires:  pkgconfig(gpgme)
 BuildRequires:  pkgconfig(json-glib-1.0)
 BuildRequires:  pkgconfig(libarchive) >= 2.8.0
 BuildRequires:  pkgconfig(libseccomp)
@ -31,19 +40,17 @@ BuildRequires:  bubblewrap >= %{bubblewrap_version}
 BuildRequires:  docbook-dtds
 BuildRequires:  docbook-style-xsl
 BuildRequires:  gettext
-BuildRequires:  gpgme-devel
 BuildRequires:  libcap-devel
 BuildRequires:  python3-pyparsing
 BuildRequires:  systemd
-BuildRequires:  /usr/bin/python3
+BuildRequires:  /usr/bin/xdg-dbus-proxy
 BuildRequires:  /usr/bin/xmlto
 BuildRequires:  /usr/bin/xsltproc

-%{?systemd_requires}
-
 Requires:       bubblewrap >= %{bubblewrap_version}
 Requires:       librsvg2%{?_isa}
 Requires:       ostree-libs%{?_isa} >= %{ostree_version}
+Requires:       /usr/bin/xdg-dbus-proxy
 # https://fedoraproject.org/wiki/SELinux/IndependentPolicy
 Requires:       (flatpak-selinux = %{?epoch:%{epoch}:}%{version}-%{release} if selinux-policy-targeted)
 Requires:       %{name}-session-helper%{?_isa} = %{?epoch:%{epoch}:}%{version}-%{release}
@ -52,8 +59,6 @@ Recommends:     p11-kit-server
 # Make sure the document portal is installed
 %if 0%{?fedora} || 0%{?rhel} > 7
 Recommends:     xdg-desktop-portal > 0.10
-# Remove in F30.
-Conflicts:      xdg-desktop-portal < 0.10
 %else
 Requires:       xdg-desktop-portal > 0.10
 %endif
@ -87,6 +92,7 @@ Summary:        SELinux policy module for %{name}
 License:        LGPLv2+
 BuildRequires:  selinux-policy
 BuildRequires:  selinux-policy-devel
+BuildRequires:  make
 BuildArch:      noarch
 %{?selinux_requires}

@ -121,6 +127,11 @@ This package contains installed tests for %{name}.


 %build
+# gobject introspection does not work with LTO.  There is an effort to fix this
+# in the appropriate project upstreams, so hopefully LTO can be enabled someday
+# Disable LTO.
+%define _lto_cflags %{nil}
+
 (if ! test -x configure; then NOCONFIGURE=1 ./autogen.sh; CONFIGFLAGS=--enable-gtk-doc; fi;
 # Generate consistent IDs between runs to avoid multilib problems.
 export XMLTO_FLAGS="--stringparam generate.consistent.ids=1"
@ -130,6 +141,7 @@ This package contains installed tests for %{name}.
            --enable-selinux-module \
            --with-priv-mode=none \
            --with-system-bubblewrap \
+            --with-system-dbus-proxy \
            $CONFIGFLAGS)
 %make_build V=1

@ -141,6 +153,11 @@ install -pm 644 NEWS README.md %{buildroot}/%{_pkgdocdir}
 install -d %{buildroot}%{_localstatedir}/lib/flatpak
 install -d %{buildroot}%{_sysconfdir}/flatpak/remotes.d
 rm -f %{buildroot}%{_libdir}/libflatpak.la
+
+%if 0%{?fedora}
+install -D -t %{buildroot}%{_unitdir} %{SOURCE1}
+%endif
+
 %find_lang %{name}

 # Work around selinux denials, see
@ -157,24 +174,34 @@ getent passwd flatpak >/dev/null || \
 exit 0


+%if 0%{?fedora}
 %post
-# Create an (empty) system-wide repo.
-flatpak remote-list --system &> /dev/null || :
+%systemd_post flatpak-add-fedora-repos.service
+%endif


 %post selinux
 %selinux_modules_install %{_datadir}/selinux/packages/flatpak.pp.bz2


+%if 0%{?fedora}
+%preun
+%systemd_preun flatpak-add-fedora-repos.service
+%endif
+
+
+%if 0%{?fedora}
+%postun
+%systemd_postun_with_restart flatpak-add-fedora-repos.service
+%endif
+
+
 %postun selinux
 if [ $1 -eq 0 ]; then
    %selinux_modules_uninstall %{_datadir}/selinux/packages/flatpak.pp.bz2
 fi


-%ldconfig_scriptlets libs
-
-
 %files -f %{name}.lang
 %license COPYING
 # Comply with the packaging guidelines about not mixing relative and absolute
@ -189,12 +216,11 @@ fi
 %{_datadir}/dbus-1/services/org.flatpak.Authenticator.Oci.service
 %{_datadir}/dbus-1/services/org.freedesktop.portal.Flatpak.service
 %{_datadir}/dbus-1/system-services/org.freedesktop.Flatpak.SystemHelper.service
-%{_datadir}/fish
+%{_datadir}/fish/
 %{_datadir}/%{name}
 %{_datadir}/polkit-1/actions/org.freedesktop.Flatpak.policy
 %{_datadir}/polkit-1/rules.d/org.freedesktop.Flatpak.rules
 %{_datadir}/zsh/site-functions
-%{_libexecdir}/flatpak-dbus-proxy
 %{_libexecdir}/flatpak-oci-authenticator
 %{_libexecdir}/flatpak-portal
 %{_libexecdir}/flatpak-system-helper
@ -208,6 +234,7 @@ fi
 %{_mandir}/man5/flatpak-installation.5*
 %{_mandir}/man5/flatpak-remote.5*
 %{_sysconfdir}/dbus-1/system.d/org.freedesktop.Flatpak.SystemHelper.conf
+%dir %{_sysconfdir}/flatpak
 %{_sysconfdir}/flatpak/remotes.d
 %{_sysconfdir}/profile.d/flatpak.sh
 %{_sysusersdir}/flatpak.conf
@ -216,6 +243,10 @@ fi
 %{_userunitdir}/flatpak-portal.service
 %{_systemd_user_env_generator_dir}/60-flatpak

+%if 0%{?fedora}
+%{_unitdir}/flatpak-add-fedora-repos.service
+%endif
+
 %files devel
 %{_datadir}/gir-1.0/Flatpak-1.0.gir
 %{_datadir}/gtk-doc/
@ -245,97 +276,319 @@ fi


 %changelog
-* Wed Mar 09 2022 Debarshi Ray <rishi@fedoraproject.org> - 1.10.7-1
- Rebase to 1.10.7 (#2062417)
+* Tue Jul 11 2023 Debarshi Ray <rishi@fedoraproject.org> - 1.12.8-1
+- Update to 1.12.8 (CVE-2023-28100, CVE-2023-28101)
+Resolves: #2180312, #2221792

-* Thu Feb 03 2022 Debarshi Ray <rishi@fedoraproject.org> - 1.8.7-1
- Rebase to 1.8.7 (#2041972)
+* Mon Jun 27 2022 Debarshi Ray <rishi@fedoraproject.org> - 1.12.7-2
+- Let flatpak own %%{_sysconfdir}/flatpak
+Resolves: #2101456

-* Tue Jan 25 2022 Debarshi Ray <rishi@fedoraproject.org> - 1.8.6-1
- Rebase to 1.8.6 (#2010533)
+* Thu Mar 17 2022 Debarshi Ray <rishi@fedoraproject.org> - 1.12.7-1
+- Update to 1.12.7
+Resolves: #2058633

-* Tue Oct 26 2021 Debarshi Ray <rishi@fedoraproject.org> - 1.8.5-6
- Fix CVE-2021-41133 (#2012869)
+* Mon Mar 07 2022 Debarshi Ray <rishi@fedoraproject.org> - 1.12.5-2
+- Cope better with /var/lib/flatpak existing but being empty
+Resolves: #2062806

-* Tue Oct 05 2021 Debarshi Ray <rishi@fedoraproject.org> - 1.8.5-5
- Disable gvfs plugins when listing flatpak installations (#1980438)
+* Sun Feb 20 2022 Debarshi Ray <rishi@fedoraproject.org> - 1.12.5-1
+- Update to 1.12.5
+Resolves: #2054215

-* Wed Jul 28 2021 Tomas Popela <tpopela@redhat.com> - 1.8.5-4
- Ship flatpak-devel in CRB (#1938064)
+* Tue Feb 08 2022 Debarshi Ray <rishi@fedoraproject.org> - 1.12.4-2
+- Don't try to add Fedora's OCI Flatpak repository on RHEL
+- Remove an obsolete Fedora-specific update path
+Resolves: #2051697

-* Mon Mar 22 2021 David King <dking@redhat.com> - 1.8.5-3
- Fix CVE-2021-21381 (#1938064)
+* Mon Feb 07 2022 Neal Gompa <ngompa@centosproject.org> - 1.12.4-1
+- Rebase to 1.12.4
+Resolves: #2050302

-* Mon Jan 25 2021 David King <dking@redhat.com> - 1.8.5-2
- Apply post-release CVE fixes (#1918776)
+* Thu Feb 03 2022 Debarshi Ray <rishi@fedoraproject.org> - 1.10.7-2
+- Use SHA256, not SHA1, to name the cache for a filtered remote
+Resolves: #1935508

-* Thu Jan 14 2021 David King <dking@redhat.com> - 1.8.5-1
- Rebase to 1.8.5 (#1851958)
+* Wed Feb 02 2022 Debarshi Ray <rishi@fedoraproject.org> - 1.10.7-1
+- Update to 1.10.7 (CVE-2021-43860)
+Resolves: #2041973

-* Tue Nov 17 2020 David King <dking@redhat.com> - 1.8.3-1
- Rebase to 1.8.3 (#1851958)
+* Tue Oct 26 2021 Debarshi Ray <rishi@fedoraproject.org> - 1.10.5-1
+- Update to 1.10.5 (CVE-2021-41133)
+Resolves: #2012862

-* Mon Oct 05 2020 David King <dking@redhat.com> - 1.8.2-1
- Rebase to 1.8.2 (#1851958)
+* Wed Sep 22 2021 Debarshi Ray <rishi@fedoraproject.org> - 1.10.3-1
+- Update to 1.10.3
+Resolves: #2006554

-* Mon Sep 14 2020 Kalev Lember <klember@redhat.com> - 1.6.2-4
- OCI: extract appstream data for runtimes (#1878231)
+* Sat Aug 28 2021 Debarshi Ray <rishi@fedoraproject.org> - 1.10.2-6
+- Fix local deploys using system helper
+Resolves: #1982304

-* Wed Jun 17 2020 David King <dking@redhat.com> - 1.6.2-3
- Further fixes for OCI authenticator (#1847201)
+* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 1.10.2-5
+- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
+  Related: rhbz#1991688

-* Fri Mar 20 2020 David King <dking@redhat.com> - 1.6.2-2
- Fixes for OCI authenticator (#1814045)
+* Fri May 07 2021 Kalev Lember <klember@redhat.com> - 1.10.2-4
+- Disable system env generator to work around selinux denials (#1947214)

-* Thu Feb 13 2020 David King <dking@redhat.com> - 1.6.2-1
- Rebase to 1.6.2 (#1775339)
+* Thu Apr 15 2021 Mohan Boddu <mboddu@redhat.com> - 1.10.2-3
+- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937

-* Thu Jan 23 2020 David King <dking@redhat.com> - 1.6.1-1
- Rebase to 1.6.1 (#1775339)
+* Mon Apr 05 2021 Kalev Lember <klember@redhat.com> - 1.10.2-2
+- OCI: Switch to pax format for tar archives

-* Fri Jan 17 2020 David King <dking@redhat.com> - 1.6.0-2
- Remove broken python3 sed hack (#1775339)
+* Wed Mar 10 2021 Kalev Lember <klember@redhat.com> - 1.10.2-1
+- Update to 1.10.2

-* Sat Dec 21 2019 David King <dking@redhat.com> - 1.6.0-1
- Rebase to 1.6.0 (#1775339)
+* Tue Mar 02 2021 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 1.10.1-4
+- Rebuilt for updated systemd-rpm-macros
+  See https://pagure.io/fesco/issue/2583.

-* Fri Nov 08 2019 David King <dking@redhat.com> - 1.4.3-2
+* Fri Feb 12 2021 Kalev Lember <klember@redhat.com> - 1.10.1-3
+- Add G_BEGIN_DECLS/G_END_DECLS to public headers (#1927439)
+- Drop unneeded ldconfig_scriptlets macro call
+
+* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.10.1-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
+
+* Thu Jan 21 2021 Kalev Lember <klember@redhat.com> - 1.10.1-1
+- Update to 1.10.1
+
+* Thu Jan 14 2021 Kalev Lember <klember@redhat.com> - 1.10.0-1
+- Update to 1.10.0
+
+* Mon Jan 11 2021 Kalev Lember <klember@redhat.com> - 1.9.3-2
+- Use "Fedora Flatpaks" as the visible repo name
+
+* Tue Dec 22 2020 David King <amigadave@amigadave.com> - 1.9.3-1
+- Update to 1.9.3 (#1910054)
+
+* Fri Nov 20 2020 Kalev Lember <klember@redhat.com> - 1.9.2-1
+- Update to 1.9.2
+
+* Thu Nov 19 2020 Kalev Lember <klember@redhat.com> - 1.9.1-1
+- Update to 1.9.1
+
+* Wed Nov 18 2020 David King <amigadave@amigadave.com> - 1.8.3-2
+- Drop obsolete Requires on system-release
+
+* Tue Nov 17 2020 Kalev Lember <klember@redhat.com> - 1.8.3-1
+- Update to 1.8.3
+
+* Sat Oct 31 2020 Jeff Law <law@redhat.com> - 1.8.2-3
+- Fix bogus volatiles caught by gcc-11
+
+* Fri Sep 11 2020 Kalev Lember <klember@redhat.com> - 1.8.2-2
+- Backport various OCI fixes from upstream
+
+* Fri Aug 21 2020 Kalev Lember <klember@redhat.com> - 1.8.2-1
+- Update to 1.8.2
+
+* Mon Jul 27 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.8.1-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+
+* Fri Jul 03 2020 David King <amigadave@amigadave.com> - 1.8.1-1
+- Update to 1.8.1 (#1853667)
+
+* Tue Jun 30 2020 Jeff Law <law@redhat.com> - 1.8.0-2
+- Disable LTO
+
+* Wed Jun 24 2020 David King <amigadave@amigadave.com> - 1.8.0-1
+- Update to 1.8.0 (#1850676)
+
+* Wed Jun 10 2020 David King <amigadave@amigadave.com> - 1.7.3-1
+- Update to 1.7.3 (#1820762)
+
+* Fri Apr 03 2020 Kalev Lember <klember@redhat.com> - 1.7.2-1
+- Update to 1.7.2
+
+* Mon Mar 30 2020 David King <amigadave@amigadave.com> - 1.7.1-1
+- Update to 1.7.1 (#1818882)
+
+* Mon Mar 30 2020 Kalev Lember <klember@redhat.com> - 1.6.3-1
+- Update to 1.6.3
+
+* Thu Feb 13 2020 David King <amigadave@amigadave.com> - 1.6.2-1
+- Update to 1.6.2 (#1802609)
+
+* Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.6.1-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
+
+* Thu Jan 23 2020 David King <amigadave@amigadave.com> - 1.6.1-1
+- Update to 1.6.1
+
+* Fri Jan 17 2020 David King <amigadave@amigadave.com> - 1.6.0-2
+- Remove broken python3 sed hack
+
+* Fri Dec 20 2019 David King <amigadave@amigadave.com> - 1.6.0-1
+- Update to 1.6.0
+
+* Mon Dec 16 2019 David King <amigadave@amigadave.com> - 1.5.2-1
+- Update to 1.5.2
+
+* Thu Nov 28 2019 David King <amigadave@amigadave.com> - 1.5.1-1
+- Update to 1.5.1
+
+* Fri Nov 01 2019 Orion Poplawski <orion@nwra.com> - 1.5.0-2
 - Use %%{?selinux_requires} for proper install ordering

-* Tue Oct 08 2019 David King <dking@redhat.com> - 1.4.3-1
- Rebase to 1.4.3 (#1748276)
+* Thu Oct 03 2019 David King <amigadave@amigadave.com> - 1.5.0-1
+- Update to 1.5.0

-* Fri Sep 20 2019 Kalev Lember <klember@redhat.com> - 1.0.9-1
- Update to 1.0.9 (#1753613)
+* Thu Sep 19 2019 Kalev Lember <klember@redhat.com> - 1.4.3-1
+- Update to 1.4.3

-* Tue May 14 2019 David King <dking@redhat.com> - 1.0.6-4
- Bump release (#1700654)
+* Wed Sep 18 2019 Debarshi Ray <rishi@fedoraproject.org> - 1.4.2-6
+- Trim unused shared library linkages from the session helper

-* Mon Apr 29 2019 David King <dking@redhat.com> - 1.0.6-3
- Fix IOCSTI sandbox bypass (#1700654)
+* Wed Aug  7 2019 Owen Taylor <otaylor@redhat.com> - 1.4.2-5
+- Add patch fixing problem with downloading icons for OCI remotes (#1683375)

-* Wed Feb 13 2019 David King <dking@redhat.com> - 1.0.6-2
- Do not mount /proc in root sandbox (#1675776)
+* Thu Jul 25 2019 Tim Zabel <tjzabel21@gmail.com> - 1.4.2-4
+- SELinux needs additional Requires (#1732132)

-* Tue Dec 18 2018 Kalev Lember <klember@redhat.com> - 1.0.6-1
- Update to 1.0.6 (#1630249)
+* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.4.2-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
+
+* Tue Jul 09 2019 Kalev Lember <klember@redhat.com> - 1.4.2-2
+- Backport a patch that fixes a fairly large memory leak in gnome-software
+
+* Fri Jun 28 2019 David King <amigadave@amigadave.com> - 1.4.2-1
+- Update to 1.4.2 (#1725071)
+
+* Tue Jun 25 2019 David King <amigadave@amigadave.com> - 1.4.1-3
+- Use Requires(post) for selinux-policy (#1723118)
+
+* Tue Jun 25 2019 Debarshi Ray <rishi@fedoraproject.org> - 1.4.1-2
+- Split the session helper into a separate sub-package
+
+* Thu Jun 13 2019 Kalev Lember <klember@redhat.com> - 1.4.1-1
+- Update to 1.4.1
+
+* Wed Jun 12 2019 Kalev Lember <klember@redhat.com> - 1.4.0-2
+- Backport an upstream patch to fix gnome-software CI
+
+* Tue May 28 2019 Kalev Lember <klember@redhat.com> - 1.4.0-1
+- Update to 1.4.0
+
+* Fri May 10 2019 Kalev Lember <klember@redhat.com> - 1.3.4-1
+- Update to 1.3.4
+
+* Tue Apr 30 2019 David King <amigadave@amigadave.com> - 1.3.3-2
+- Generate consistent anchor IDs
+
+* Fri Apr 26 2019 David King <amigadave@amigadave.com> - 1.3.3-1
+- Update to 1.3.3 (#1699338)
+
+* Wed Apr 17 2019 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 1.3.2-2
+- Fixup selinux requires
+
+* Fri Apr 12 2019 David King <amigadave@amigadave.com> - 1.3.2-1
+- Update to 1.3.2 (#1699338)
+
+* Wed Apr 03 2019 Kalev Lember <klember@redhat.com> - 1.3.1-2
+- Add a oneshot systemd service to add Fedora flatpak repos
+- Remove the post script to create system repo now that we have the service
+
+* Wed Mar 27 2019 David King <amigadave@amigadave.com> - 1.3.1-1
+- Update to 1.3.1 (#1693207)
+
+* Tue Mar 12 2019 David King <amigadave@amigadave.com> - 1.3.0-1
+- Update to 1.3.0
+
+* Thu Feb 14 2019 David King <amigadave@amigadave.com> - 1.2.3-2
+- Remove an obsolete Conflicts
+- Use xdg-dbus-proxy
+
+* Mon Feb 11 2019 David King <amigadave@amigadave.com> - 1.2.3-1
+- Update to 1.2.3
+
+* Wed Feb 06 2019 David King <amigadave@amigadave.com> - 1.2.2-1
+- Update to 1.2.2
+
+* Tue Feb 05 2019 Kalev Lember <klember@redhat.com> - 1.2.1-1
+- Update to 1.2.1
+
+* Mon Feb  4 2019 fedora-toolbox <otaylor@redhat.com> - 1.2.0-4
+- Add an upstream patch to add flatpak build-export --disable-sandbox
+
+* Thu Jan 31 2019 Bastien Nocera <bnocera@redhat.com> - 1.2.0-3
+- Require librsvg2 so SVG icons can be exported
+
+* Tue Jan 29 2019 Kalev Lember <klember@redhat.com> - 1.2.0-2
+- Enable libsystemd support
+
+* Mon Jan 28 2019 David King <amigadave@amigadave.com> - 1.2.0-1
+- Update to 1.2.0
+
+* Tue Jan 15 2019 Kalev Lember <klember@redhat.com> - 1.1.3-1
+- Update to 1.1.3
+
+* Fri Dec 21 2018 David King <amigadave@amigadave.com> - 1.1.2-1
+- Update to 1.1.2
+
+* Mon Dec 17 2018 David King <amigadave@amigadave.com> - 1.1.1-2
+- Enable installed tests and add to tests subpackage
+
+* Mon Dec 10 2018 Kalev Lember <klember@redhat.com> - 1.1.1-1
+- Update to 1.1.1
+
+* Fri Nov 30 2018 fedora-toolbox <otaylor@redhat.com> - 1.0.6-3
+- Add a patch to fix OCI system remotes
+- Add patch fixing permissions on icons downloaded from an OCI registry
+
+* Fri Nov 16 2018 Kalev Lember <klember@redhat.com> - 1.0.6-1
+- Update to 1.0.6
+
+* Mon Nov 12 2018 Kalev Lember <klember@redhat.com> - 1.0.5-2
 - Recommend p11-kit-server instead of just p11-kit (#1649049)

-* Mon Dec 10 2018 David King <dking@redhat.com> - 1.0.4-2
- Backport patches to improve OCI support (#1657306)
+* Mon Nov 12 2018 Kalev Lember <klember@redhat.com> - 1.0.5-1
+- Update to 1.0.5

 * Fri Oct 12 2018 Kalev Lember <klember@redhat.com> - 1.0.4-1
- Update to 1.0.4 (#1630249)
+- Update to 1.0.4
+
+* Thu Oct 04 2018 Kalev Lember <klember@redhat.com> - 1.0.3-1
+- Update to 1.0.3

 * Thu Sep 13 2018 Kalev Lember <klember@redhat.com> - 1.0.2-1
- Update to 1.0.2 (#1630249)
+- Update to 1.0.2

-* Tue Aug 28 2018 David King <dking@redhat.com> - 1.0.1-1
- Update to 1.0.1 (#1621401)
+* Tue Aug 28 2018 David King <amigadave@amigadave.com> - 1.0.1-1
+- Update to 1.0.1

-* Wed Aug 01 2018 David King <dking@redhat.com> - 0.99.3-1
+* Mon Aug 20 2018 David King <amigadave@amigadave.com> - 1.0.0-2
+- Fix double dash in XML documentation
+
+* Mon Aug 20 2018 David King <amigadave@amigadave.com> - 1.0.0-1
+- Update to 1.0.0
+
+* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.99.3-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
+
+* Tue Jul 10 2018 Kalev Lember <klember@redhat.com> - 0.99.3-1
 - Update to 0.99.3

+* Wed Jun 27 2018 Kalev Lember <klember@redhat.com> - 0.99.2-1
+- Update to 0.99.2
+
+* Thu Jun 21 2018 David King <amigadave@amigadave.com> - 0.99.1-1
+- Update to 0.99.1
+
+* Wed Jun 13 2018 David King <amigadave@amigadave.com> - 0.11.8.3-1
+- Update to 0.11.8.3 (#1590808)
+
+* Mon Jun 11 2018 David King <amigadave@amigadave.com> - 0.11.8.2-1
+- Update to 0.11.8.2 (#1589810)
+
+* Fri Jun 08 2018 David King <amigadave@amigadave.com> - 0.11.8.1-1
+- Update to 0.11.8.1 (#1588868)
+
+* Fri Jun 08 2018 David King <amigadave@amigadave.com> - 0.11.8-1
+- Update to 0.11.8 (#1588868)
+
 * Wed May 23 2018 Adam Jackson <ajax@redhat.com> - 0.11.7-2
 - Remove Requires: kernel >= 4.0.4-202, which corresponds to rawhide
  somewhere before Fedora 22 which this spec file certainly no longer