Flatpak 1.12 improves sub-sandbox management to benefit Steam

Flatpak 1.12

I don't know whether many users would put Canonical's snaps at the top of the podium for next-generation packages. From what I have read in the community, most of us prefer Flatpak, although some prefer AppImage because you just download it and start using it. Preferences aside, yesterday's news was the launch of Flatpak 1.12, a new version that has arrived accompanied by a less new one.

Flatpak 1.12 has arrived at the same time as Flatpak 1.10.4, the latter having been released to correct a vulnerability in portal support. The security flaw is the result of some new kernel system calls that were not blocked by Flatpak's seccomp rules, so applications could create sub-sandboxes to confuse the verification of the portal's isolation mechanism.

Flatpak 1.12 has arrived alongside Flatpak 1.10.4

“An anonymous whistleblower discovered that Flatpak applications with direct access to AF_UNIX sockets, such as those used by Wayland, Pipewire, or pipewire-pulse, can trick portals and other host-OS services into treating the Flatpak application as if it was an ordinary host-OS process, not sandboxed, manipulating the VFS using recent mount-related syscalls that are not blocked by Flatpak's denylist seccomp filter, in order to substitute a crafted /.flatpak-info or make that file disappear completely.”
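The denylist gap described in the quote can be audited offline. The following is an added example, not code from Flatpak or from the original article: it assembles a small default-allow seccomp filter in classic BPF, interprets it for each mount-related syscall, and lists the ones that fall through. The filter contents, the function names, the x86_64-only numbering (a real filter also validates the architecture first) and the reading of "recent mount-related syscalls" as Linux's newer mount API are assumptions of the example.

```python
import struct

# Classic-BPF opcodes and seccomp return values (linux/filter.h, linux/seccomp.h).
LD_W_ABS, JEQ_K, RET_K = 0x20, 0x15, 0x06
RET_ALLOW, RET_ERRNO, EPERM = 0x7FFF0000, 0x00050000, 1

# x86_64 syscall numbers. Reading the newer mount API as the "recent
# mount-related syscalls" in the quote is an assumption of this example.
OLD_MOUNT = {"pivot_root": 155, "chroot": 161, "mount": 165, "umount2": 166}
NEW_MOUNT = {"open_tree": 428, "move_mount": 429, "fsopen": 430, "fsconfig": 431,
             "fsmount": 432, "fspick": 433, "mount_setattr": 442}

def build_denylist(numbers):
    """Assemble a default-allow filter (constructed sample, not Flatpak's real one)."""
    nums = sorted(numbers)
    prog = [(LD_W_ABS, 0, 0, 0)]                  # A = seccomp_data.nr
    for i, nr in enumerate(nums):
        # On a match, jump over the remaining tests and the ALLOW to the ERRNO return.
        prog.append((JEQ_K, len(nums) - i, 0, nr))
    prog.append((RET_K, 0, 0, RET_ALLOW))         # anything not listed is allowed
    prog.append((RET_K, 0, 0, RET_ERRNO | EPERM))
    return b"".join(struct.pack("<HBBI", *ins) for ins in prog)

def run_filter(blob, nr, arch=0xC000003E):        # AUDIT_ARCH_X86_64
    """Interpret the filter for one syscall number and return the seccomp action."""
    data = struct.pack("<iI", nr, arch)           # first fields of struct seccomp_data
    prog = list(struct.iter_unpack("<HBBI", blob))
    pc = acc = 0
    while True:
        code, jt, jf, k = prog[pc]
        pc += 1
        if code == LD_W_ABS:
            acc = struct.unpack_from("<I", data, k)[0]
        elif code == JEQ_K:
            pc += jt if acc == k else jf
        elif code == RET_K:
            return k
        else:
            raise ValueError(f"unsupported opcode {code:#x}")

def fall_through(blob, syscalls):
    """Names of the syscalls that the filter answers with ALLOW."""
    return sorted(n for n, nr in syscalls.items() if run_filter(blob, nr) == RET_ALLOW)

if __name__ == "__main__":
    both = {**OLD_MOUNT, **NEW_MOUNT}
    print("legacy allows: ", fall_through(build_denylist(OLD_MOUNT.values()), both))
    print("updated allows:", fall_through(build_denylist(both.values()), both))
```

A denylist written before a syscall existed answers ALLOW for it by default, which is why such a list has to be revisited after kernel releases, while an allowlist fails closed.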

That covers the 1.10 series. At the same time, as the headline of this article says, Flatpak 1.12 has been released; its most notable new feature is improved control over sub-sandboxes, and the software that will benefit the most from this is the Flatpak version of Steam.

Flatpak 1.12 and 1.10.4 have already been officially released, and will soon begin to arrive in the official repositories of most Linux distributions.

