flatpak in mint 20.1 is out of date?

[Captain Brillo]

Just installed Mint 20.1, and tried to install "ungoogled-chromium" from flathub
got the message that

...needs a later flatpak version (1.8.2)

The version in Mint is "1.6.5--0ubuntu0.1" and is the latest one. What's this about?

[Linuxdarling]

I am having the same issue. Anyone have an answer?

[DAMIEN1307]

https://<blocked blogspam>/flatpak-1-10-offi ... provements

Down below is the last paragraph of the article cited above...DAMIEN

Linux OS maintainers can download the final Flatpak 1.10 release right now from the project’s GitHub page, while most users will have to wait for the new series to land in the stable repositories of their favorite GNU/Linux distribution to enjoy the new features and improvements.

https://github.com/flatpak/flatpak

[JoeFootball]

What's this about?

Anyone have an answer?

Basically, that's the version for the LTS codebase which LM 20.x leverages.

https://packages.ubuntu.com/focal/flatpak

Typically, an LTS repo will carry the less-than-latest version of a package, usually for stability reasons.

[BenTrabetere]

There is a flatpak PPA. I cannot vouch for this PPA other than to say I think Alex Larsson is trusted name in the flatpak universe.
https://launchpad.net/~alexlarsson/+arc ... tu/flatpak

I think it is a bit ironic there has to be a PPA for flatpak.

[Linuxdarling]

Thanks I followed these instructions to update the flatpak version and I was able to install ungoogled chromium. Thanks!

If you want to install the latest version of Flatpak on Linux Mint (and chances are you do) then add the following official Flatpak PPA to your software sources. The PPA supports Ubuntu 16.04 LTS and above:

sudo add-apt-repository ppa:alexlarsson/flatpak

sudo apt update && sudo apt install flatpak

[AsciiWolf]

This is even worse now that Flatpak 1.6.5 contains a CVE-2021-21261 "that can allow sandboxed applications to execute arbitrary code on the host system". Please, consider shipping the official Flatpak PPA version in Mint (and supporting it in MintInstall etc.) instead of relying on an outdated, problematic one from Ubuntu Focal.

[antikythera]

Just installed the 1.8.5 version from buster backports on LMDE4, it was 1.2.5 before

[benjammin1001]

I needed this for Eclipse -- thanks for the notes to get Flatpak updated.

(two thumbs up)

-Ben

[JeffF73]

There is a flatpak PPA. I cannot vouch for this PPA other than to say I think Alex Larsson is trusted name in the flatpak universe.
https://launchpad.net/~alexlarsson/+arc ... tu/flatpak

I think it is a bit ironic there has to be a PPA for flatpak.

I used the flatpak ppa and it immediately wanted to install version 1.11.1. Yet before installing I read the updater information on the package. It wanted to install a portal to flatpak and snaps. When I read portal to snaps I immediately went in and reverted my changes with a Timeshift backup. No way am I dealing with Snaps. If this is the case with flatpak I may as well uninstall it since I only use 1 package from it.

[karlchen]

This is even worse now that Flatpak 1.6.5 contains a CVE-2021-21261 "that can allow sandboxed applications to execute arbitrary code on the host system".

Stop!
Read this ... : USN-4951-1: Flatpak vulnerability
By now, Ubuntu is deploying bugfixed versions to all those who do not choose to ignore them in Update Manager.

Nonetheless, feel free to pay a visit to the Mint Github and raise a request to include the most recent Flatpak version in supported Mint releases 19.x and 20.x.