diff options
author | netblue30 <netblue30@yahoo.com> | 2017-01-06 15:39:54 -0500 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2017-01-06 15:39:54 -0500 |
commit | 85517885bece9209bbcace80fec115b0126263ad (patch) | |
tree | 40ad1c5a321e6e9d8977b00dba68b533900de5e1 /RELNOTES | |
parent | security fixes (diff) | |
download | firejail-85517885bece9209bbcace80fec115b0126263ad.tar.gz firejail-85517885bece9209bbcace80fec115b0126263ad.tar.zst firejail-85517885bece9209bbcace80fec115b0126263ad.zip |
security fix
Diffstat (limited to 'RELNOTES')
-rw-r--r-- | RELNOTES | 3 |
1 files changed, 3 insertions, 0 deletions
@@ -1,5 +1,8 @@ | |||
1 | firejail (0.9.45) baseline; urgency=low | 1 | firejail (0.9.45) baseline; urgency=low |
2 | * development version, work in progress | 2 | * development version, work in progress |
3 | * security: disabled --allow-debuggers when running on kenel | ||
4 | versions prior to 4.8; a kernel bug in ptrace system call | ||
5 | allows a full bypass of seccomp filter; problem reported by Lizzie Dixon | ||
3 | * security: overwrite /etc/resolv.conf found by Martin Carpenter | 6 | * security: overwrite /etc/resolv.conf found by Martin Carpenter |
4 | * secuirty: TOCTOU exploit for --get and --put found by Daniel Hodson | 7 | * secuirty: TOCTOU exploit for --get and --put found by Daniel Hodson |
5 | * security: invalid environment exploit found by Martin Carpenter | 8 | * security: invalid environment exploit found by Martin Carpenter |