diff options
author | netblue30 <netblue30@yahoo.com> | 2016-08-24 09:29:39 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2016-08-24 09:29:39 -0400 |
commit | 1ccd5d84b9d7491bb8deec24db5c8ea0a163fa10 (patch) | |
tree | a951ab073dfa608483e3c5a3013ccc892195ba89 /RELNOTES | |
parent | Merge pull request #742 from manevich/security (diff) | |
download | firejail-1ccd5d84b9d7491bb8deec24db5c8ea0a163fa10.tar.gz firejail-1ccd5d84b9d7491bb8deec24db5c8ea0a163fa10.tar.zst firejail-1ccd5d84b9d7491bb8deec24db5c8ea0a163fa10.zip |
testing 0.9.42~rc2
Diffstat (limited to 'RELNOTES')
-rw-r--r-- | RELNOTES | 20 |
1 files changed, 12 insertions, 8 deletions
@@ -3,12 +3,14 @@ firejail (0.9.42~rc2) baseline; urgency=low | |||
3 | * security: disable x32 ABI in seccomp, submitted by Jann Horn | 3 | * security: disable x32 ABI in seccomp, submitted by Jann Horn |
4 | * security: tighten --chroot, submitted by Jann Horn | 4 | * security: tighten --chroot, submitted by Jann Horn |
5 | * security: terminal sandbox escape, submitted by Stephan Sokolow | 5 | * security: terminal sandbox escape, submitted by Stephan Sokolow |
6 | * modifs: deprecated --user option, please use "sudo -u username firejail" instead | 6 | * security: several TOCTOU fixes submitted by Aleksey Manevich |
7 | * modifs: deprecated --user option, please use "sudo -u username firejail" | ||
7 | * modifs: allow symlinks in home directory for --whitelist option | 8 | * modifs: allow symlinks in home directory for --whitelist option |
8 | * modifs: Firejail prompt is enabled by env variable FIREJAIL_PROMPT="yes" | 9 | * modifs: Firejail prompt is enabled by env variable FIREJAIL_PROMPT="yes" |
9 | * modifs: recursive mkdir | 10 | * modifs: recursive mkdir |
10 | * modifs: include /dev/snd in --private-dev | 11 | * modifs: include /dev/snd in --private-dev |
11 | * modifs: seccomp filter update | 12 | * modifs: seccomp filter update |
13 | * modifs: release archives moved to .xz format | ||
12 | * feature: AppImage support (--appimage) | 14 | * feature: AppImage support (--appimage) |
13 | * feature: AppArmor support (--apparmor) | 15 | * feature: AppArmor support (--apparmor) |
14 | * feature: Ubuntu snap support (/etc/firejail/snap.profile) | 16 | * feature: Ubuntu snap support (/etc/firejail/snap.profile) |
@@ -17,7 +19,8 @@ firejail (0.9.42~rc2) baseline; urgency=low | |||
17 | * feature: noexec support (--noexec) | 19 | * feature: noexec support (--noexec) |
18 | * feature: clean local overlay storage directory (--overlay-clean) | 20 | * feature: clean local overlay storage directory (--overlay-clean) |
19 | * feature: store and reuse overlay (--overlay-named) | 21 | * feature: store and reuse overlay (--overlay-named) |
20 | * feature: allow debugging inside the sandbox with gdb and strace (--allow-debuggers) | 22 | * feature: allow debugging inside the sandbox with gdb and strace |
23 | (--allow-debuggers) | ||
21 | * feature: mkfile profile command | 24 | * feature: mkfile profile command |
22 | * feature: quiet profile command | 25 | * feature: quiet profile command |
23 | * feature: x11 profile command | 26 | * feature: x11 profile command |
@@ -29,13 +32,14 @@ firejail (0.9.42~rc2) baseline; urgency=low | |||
29 | * run time: enable/disable quiet as default (quiet-by-default yes/no) | 32 | * run time: enable/disable quiet as default (quiet-by-default yes/no) |
30 | * run time: user-defined network filter (netfilter-default) | 33 | * run time: user-defined network filter (netfilter-default) |
31 | * run time: enable/disable whitelisting (whitelist yes/no) | 34 | * run time: enable/disable whitelisting (whitelist yes/no) |
32 | * run time: enable/disable remounting of /proc and /sys (remount-proc-sys yes/no) | 35 | * run time: enable/disable remounting of /proc and /sys |
36 | (remount-proc-sys yes/no) | ||
33 | * run time: enable/disable chroot desktop features (chroot-desktop yes/no) | 37 | * run time: enable/disable chroot desktop features (chroot-desktop yes/no) |
34 | * new profiles: Gitter, gThumb, mpv, Franz messenger, LibreOffice | 38 | * profiles: Gitter, gThumb, mpv, Franz messenger, LibreOffice |
35 | * new profiles: pix, audacity, xz, xzdec, gzip, cpio, less | 39 | * profiles: pix, audacity, xz, xzdec, gzip, cpio, less |
36 | * new profiles: Atom Beta, Atom, jitsi, eom, uudeview | 40 | * profiles: Atom Beta, Atom, jitsi, eom, uudeview |
37 | * new profiles: tar (gtar), unzip, unrar, file, skypeforlinux, | 41 | * profiles: tar (gtar), unzip, unrar, file, skypeforlinux, |
38 | * new profiles: inox, Slack, gnome-chess. Gajim IM client | 42 | * profiles: inox, Slack, gnome-chess. Gajim IM client |
39 | -- netblue30 <netblue30@yahoo.com> Thu, 21 Jul 2016 08:00:00 -0500 | 43 | -- netblue30 <netblue30@yahoo.com> Thu, 21 Jul 2016 08:00:00 -0500 |
40 | 44 | ||
41 | firejail (0.9.40) baseline; urgency=low | 45 | firejail (0.9.40) baseline; urgency=low |