diff options
author | netblue30 <netblue30@yahoo.com> | 2019-05-26 11:25:38 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2019-05-26 11:25:38 -0400 |
commit | b14f223a62399d73eec4d9c27d5a4cbb295b4d89 (patch) | |
tree | d0efa7dc2b59d3e19d8b64ed68bbd26759bb0edd /RELNOTES | |
parent | Merge pull request #2724 from netblue30/Fred-Barclay-securityinfo (diff) | |
download | firejail-b14f223a62399d73eec4d9c27d5a4cbb295b4d89.tar.gz firejail-b14f223a62399d73eec4d9c27d5a4cbb295b4d89.tar.zst firejail-b14f223a62399d73eec4d9c27d5a4cbb295b4d89.zip |
0.9.60 testing
Diffstat (limited to 'RELNOTES')
-rw-r--r-- | RELNOTES | 16 |
1 files changed, 12 insertions, 4 deletions
@@ -1,4 +1,14 @@ | |||
1 | firejail (0.9.60~rc2) baseline; urgency=low | 1 | firejail (0.9.60) baseline; urgency=low |
2 | * security bug reported by Austin Morton: | ||
3 | Seccomp filters are copied into /run/firejail/mnt, and are writable | ||
4 | within the jail. A malicious process can modify files from inside the | ||
5 | jail. Processes that are later joined to the jail will not have seccomp | ||
6 | filters applied. | ||
7 | * memory-deny-write-execute now also blocks memfd_create | ||
8 | * add private-cwd option to control working directory within jail | ||
9 | * blocking system D-Bus socket with --nodbus | ||
10 | * bringing back Centos 6 support | ||
11 | * drop support for flatpak/snap packages | ||
2 | * new profiles: crow, nyx, mypaint, celluoid, nano, transgui, mpdris2 | 12 | * new profiles: crow, nyx, mypaint, celluoid, nano, transgui, mpdris2 |
3 | * new profiles: sysprof, simplescreenrecorder, geekbench, xfce4-mixer | 13 | * new profiles: sysprof, simplescreenrecorder, geekbench, xfce4-mixer |
4 | * new profiles: pavucontrol, d-feet, seahorse, secret-tool, gnome-keyring | 14 | * new profiles: pavucontrol, d-feet, seahorse, secret-tool, gnome-keyring |
@@ -16,9 +26,7 @@ firejail (0.9.60~rc2) baseline; urgency=low | |||
16 | * new profiles: autokey-gtk, autokey-qt, autokey-run, autokey-shell | 26 | * new profiles: autokey-gtk, autokey-qt, autokey-run, autokey-shell |
17 | * new profiles: freeoffice-presentations, freeoffice-textmaker, mp3wrap | 27 | * new profiles: freeoffice-presentations, freeoffice-textmaker, mp3wrap |
18 | * new profiles: inkview, meteo-qt, mp3splt-gtk, ktouch, yelp | 28 | * new profiles: inkview, meteo-qt, mp3splt-gtk, ktouch, yelp |
19 | * memory-deny-write-execute now also blocks memfd_create | 29 | -- netblue30 <netblue30@yahoo.com> Sun, 26 May 2019 08:00:00 -0500 |
20 | * drop support for flatpak/snap packages | ||
21 | -- netblue30 <netblue30@yahoo.com> Sun, 21 Apr 2019 08:00:00 -0500 | ||
22 | 30 | ||
23 | firejail (0.9.58,2) baseline; urgency=low | 31 | firejail (0.9.58,2) baseline; urgency=low |
24 | * cgroup flag in /etc/firejail/firejail.config file | 32 | * cgroup flag in /etc/firejail/firejail.config file |