diff options
author | netblue30 <netblue30@protonmail.com> | 2022-02-05 10:40:02 -0500 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-02-05 10:40:02 -0500 |
commit | c7c11eba68c9ae0daacbbd897e6ad3927f804689 (patch) | |
tree | 3b95e14f5e3a1d8ea421d02464f93d7b2c30be92 /RELNOTES | |
parent | RELNOTES: add allow apostrophe in whitelist and blacklist (diff) | |
parent | RELNOTES: add docs and group keeping/dropping modifs (diff) | |
download | firejail-c7c11eba68c9ae0daacbbd897e6ad3927f804689.tar.gz firejail-c7c11eba68c9ae0daacbbd897e6ad3927f804689.tar.zst firejail-c7c11eba68c9ae0daacbbd897e6ad3927f804689.zip |
Merge pull request #4902 from kmk3/relnotes-organize
Organize relnotes
Diffstat (limited to 'RELNOTES')
-rw-r--r-- | RELNOTES | 37 |
1 files changed, 22 insertions, 15 deletions
@@ -4,22 +4,26 @@ firejail (0.9.68rc2) baseline; urgency=low | |||
4 | (see README.md) (#4748) | 4 | (see README.md) (#4748) |
5 | * security: bugfix: private-cwd leaks access to the entire filesystem | 5 | * security: bugfix: private-cwd leaks access to the entire filesystem |
6 | (#4780); reported by Hugo Osvaldo Barrera | 6 | (#4780); reported by Hugo Osvaldo Barrera |
7 | * exit code: distinguish fatal signals by adding 128 (#4533) | 7 | * feature: remove (some) environment variables with auth-tokens (#4157) |
8 | * close file descriptors greater than 2 (--keep-fd) (#4845) | 8 | * feature: ALLOW_TRAY condition (#4510 #4599) |
9 | * intrusion detection system (--ids-init, --ids-check) | 9 | * feature: intrusion detection system (--ids-init, --ids-check) |
10 | * deterministic shutdown (--deterministic-exit-code, | 10 | * feature: deterministic shutdown command (--deterministic-exit-code, |
11 | --deterministic-shutdown) (#4635) | 11 | --deterministic-shutdown) (#4635) |
12 | * noprinters command (#4607 #4827) | 12 | * feature: noprinters command (#4607 #4827) |
13 | * network monitor (--nettrace) | 13 | * feature: network monitor (--nettrace) |
14 | * network locker (--netlock) (#4848) | 14 | * feature: network locker (--netlock) (#4848) |
15 | * whitelist-ro profile command (#4740) | 15 | * feature: whitelist-ro profile command (#4740) |
16 | * Allow apostrophe in whitelist and blacklist (#4614) | 16 | * feature: Allow apostrophe in whitelist and blacklist (#4614) |
17 | * AppImage support in --build command (#4878) | 17 | * feature: AppImage support in --build command (#4878) |
18 | * build: firecfg.config is now installed to /etc/firejail/ (#4669) | 18 | * modifs: exit code: distinguish fatal signals by adding 128 (#4533) |
19 | * removed --disable-whitelist at compile time | 19 | * modifs: firecfg.config is now installed to /etc/firejail/ (#4669) |
20 | * removed whitelist=yes/no in /etc/firejail/firejail.config | 20 | * modifs: close file descriptors greater than 2 (--keep-fd) (#4845) |
21 | * new condition: ALLOW_TRAY (#4510 #4599) | 21 | * modifs: nogroups now stopped causing certain system groups to be dropped, |
22 | * remove (some) environment variables with auth-tokens (#4157) | 22 | which are now controlled by the relevant "no" options instead (such as |
23 | nosound -> drop audio group), which fixes device access issues on systems | ||
24 | not using (e)logind (such as with seatd) (#4632 #4725 #4732 #4851) | ||
25 | * removal: --disable-whitelist at compile time | ||
26 | * removal: whitelist=yes/no in /etc/firejail/firejail.config | ||
23 | * bugfix: Fix sndio support (#4362 #4365) | 27 | * bugfix: Fix sndio support (#4362 #4365) |
24 | * bugfix: Error mounting tmpfs (MS_REMOUNT flag not being cleared) (#4387) | 28 | * bugfix: Error mounting tmpfs (MS_REMOUNT flag not being cleared) (#4387) |
25 | * bugfix: --build clears the environment (#4460 #4467) | 29 | * bugfix: --build clears the environment (#4460 #4467) |
@@ -31,6 +35,9 @@ firejail (0.9.68rc2) baseline; urgency=low | |||
31 | * bugfix: firecfg does not work with symlinks (discord.desktop) (#4235) | 35 | * bugfix: firecfg does not work with symlinks (discord.desktop) (#4235) |
32 | * bugfix: Seccomp list output goes to stdout instead of stderr (#4328) | 36 | * bugfix: Seccomp list output goes to stdout instead of stderr (#4328) |
33 | * bugfix: private-etc does not work with symlinks (#4887) | 37 | * bugfix: private-etc does not work with symlinks (#4887) |
38 | * docs: fix contradictory descriptions of machine-id ("preserves" vs | ||
39 | "spoofs") (#4689) | ||
40 | * docs: Document that private-bin and private-etc always accumulate (#4078) | ||
34 | * new includes: whitelist-run-common.inc (#4288), disable-X11.inc (#4462) | 41 | * new includes: whitelist-run-common.inc (#4288), disable-X11.inc (#4462) |
35 | * removed includes: disable-passwordmgr.inc (#4454 #4461) | 42 | * removed includes: disable-passwordmgr.inc (#4454 #4461) |
36 | * new profiles: microsoft-edge-beta, clion-eap, lifeograph, zim | 43 | * new profiles: microsoft-edge-beta, clion-eap, lifeograph, zim |