diff options
author | netblue30 <netblue30@yahoo.com> | 2017-03-09 13:51:07 -0500 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2017-03-09 13:51:07 -0500 |
commit | cdde8872a75105b6b347db93315ec0ecd97d6289 (patch) | |
tree | 0e3aaf7e0f302d88feb74aa39edd10d1c6f8f156 /RELNOTES | |
parent | warning message not terminated by \n (diff) | |
download | firejail-cdde8872a75105b6b347db93315ec0ecd97d6289.tar.gz firejail-cdde8872a75105b6b347db93315ec0ecd97d6289.tar.zst firejail-cdde8872a75105b6b347db93315ec0ecd97d6289.zip |
--nowhitelist
Diffstat (limited to 'RELNOTES')
-rw-r--r-- | RELNOTES | 3 |
1 files changed, 1 insertions, 2 deletions
@@ -13,8 +13,6 @@ firejail (0.9.45) baseline; urgency=low | |||
13 | * security: split seccomp filter code configuration in a separate executable | 13 | * security: split seccomp filter code configuration in a separate executable |
14 | * security: split file copying in private option in a separate executable | 14 | * security: split file copying in private option in a separate executable |
15 | * security: root exploit found by Sebastian Krahmer (CVE-2017-5180) | 15 | * security: root exploit found by Sebastian Krahmer (CVE-2017-5180) |
16 | * security: ~/.pki directory whitelisted and later blacklisted. This affects | ||
17 | most browsers, and disables the custom certificates installed by the user. | ||
18 | * feature: disable gnupg and systemd directories under /run/user | 16 | * feature: disable gnupg and systemd directories under /run/user |
19 | * feature: test coverage (gcov) support | 17 | * feature: test coverage (gcov) support |
20 | * feature: allow root user access to /dev/shm (--noblacklist=/dev/shm) | 18 | * feature: allow root user access to /dev/shm (--noblacklist=/dev/shm) |
@@ -34,6 +32,7 @@ firejail (0.9.45) baseline; urgency=low | |||
34 | * feature: follow-symlink-private-bin option in /etc/firejail/firejail.config | 32 | * feature: follow-symlink-private-bin option in /etc/firejail/firejail.config |
35 | * feature: xvfb X11 server support (--x11=xvfb) | 33 | * feature: xvfb X11 server support (--x11=xvfb) |
36 | * feature: allow /tmp directory in mkdir and mkfile profile commands | 34 | * feature: allow /tmp directory in mkdir and mkfile profile commands |
35 | * feature: implemented --noblacklist command | ||
37 | * new profiles: xiphos, Tor Browser Bundle, display (imagemagik), Wire, | 36 | * new profiles: xiphos, Tor Browser Bundle, display (imagemagik), Wire, |
38 | * new profiles: mumble, zoom, Guayadeque, qemu, keypass2, xed, pluma, | 37 | * new profiles: mumble, zoom, Guayadeque, qemu, keypass2, xed, pluma, |
39 | * new profiles: Cryptocat, Bless, Gnome 2048, Gnome Calculator, | 38 | * new profiles: Cryptocat, Bless, Gnome 2048, Gnome Calculator, |