From 4e54394cd2a221aa4b5214692f0000e0b668c4dd Mon Sep 17 00:00:00 2001
From: Simon McVittie <smcv@collabora.com>
Date: Wed, 17 Apr 2024 18:10:22 +0100
Subject: [PATCH] Update NEWS

Signed-off-by: Simon McVittie <smcv@collabora.com>
---
 NEWS | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)

diff --git a/NEWS b/NEWS
index 191e77dc..ad2b2796 100644
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,25 @@
+Changes in 1.15.8
+~~~~~~~~~~~~~~~~~
+
+Security fixes:
+
+ * Don't allow an executable name to be misinterpreted as a command-line
+   option for bwrap(1). This prevents a sandbox escape where a malicious
+   or compromised app could ask xdg-desktop-portal to generate a .desktop
+   file with access to files outside the sandbox. (CVE-2024-32462)
+
+Other bug fixes:
+
+ * Pass the -export-dynamic linker option as -Wl,-export-dynamic,
+   fixing build failures with clang 18 and lld 18 (#5760)
+
+ * Fix a double-free when installation is cancelled (#5763)
+
+ * Fix installed-tests failure with "FUSERMOUNT: unbound variable"
+   (#5751)
+
+ * Translation updates: pt_BR (#5762), tr (#5761)
+
 Changes in 1.15.7
 ~~~~~~~~~~~~~~~~~
 Released: 2024-03-27