Merge pull request #4902 from kmk3/relnotes-organize

Organize relnotes
author: netblue30 <netblue30@protonmail.com> 2022-02-05 10:40:02 -0500
committer: GitHub <noreply@github.com> 2022-02-05 10:40:02 -0500
commit: c7c11eba68c9ae0daacbbd897e6ad3927f804689 (patch)
tree: 3b95e14f5e3a1d8ea421d02464f93d7b2c30be92 /RELNOTES
parent: RELNOTES: add allow apostrophe in whitelist and blacklist (diff)
parent: RELNOTES: add docs and group keeping/dropping modifs (diff)
download: firejail-c7c11eba68c9ae0daacbbd897e6ad3927f804689.tar.gz
firejail-c7c11eba68c9ae0daacbbd897e6ad3927f804689.tar.zst
firejail-c7c11eba68c9ae0daacbbd897e6ad3927f804689.zip
1 files changed, 22 insertions, 15 deletions
diff --git a/RELNOTES b/RELNOTES
index fbaf12716..c2281bec9 100644
--- a/RELNOTES
+++ b/RELNOTES
@@ -4,22 +4,26 @@ firejail (0.9.68rc2) baseline; urgency=low
    (see README.md) (#4748)
  * security: bugfix: private-cwd leaks access to the entire filesystem
    (#4780); reported by Hugo Osvaldo Barrera
-  * exit code: distinguish fatal signals by adding 128 (#4533)
+  * feature: remove (some) environment variables with auth-tokens (#4157)
-  * close file descriptors greater than 2 (--keep-fd) (#4845)
+  * feature: ALLOW_TRAY condition (#4510 #4599)
-  * intrusion detection system (--ids-init, --ids-check)
+  * feature: intrusion detection system (--ids-init, --ids-check)
-  * deterministic shutdown (--deterministic-exit-code,
+  * feature: deterministic shutdown command (--deterministic-exit-code,
     --deterministic-shutdown) (#4635)
-  * noprinters command (#4607 #4827)
+  * feature: noprinters command (#4607 #4827)
-  * network monitor (--nettrace)
+  * feature: network monitor (--nettrace)
-  * network locker (--netlock) (#4848)
+  * feature: network locker (--netlock) (#4848)
-  * whitelist-ro profile command (#4740)
+  * feature: whitelist-ro profile command (#4740)
-  * Allow apostrophe in whitelist and blacklist (#4614)
+  * feature: Allow apostrophe in whitelist and blacklist (#4614)
-  * AppImage support in --build command (#4878)
+  * feature: AppImage support in --build command (#4878)
-  * build: firecfg.config is now installed to /etc/firejail/ (#4669)
+  * modifs: exit code: distinguish fatal signals by adding 128 (#4533)
-  * removed --disable-whitelist at compile time
+  * modifs: firecfg.config is now installed to /etc/firejail/ (#4669)
-  * removed whitelist=yes/no in /etc/firejail/firejail.config
+  * modifs: close file descriptors greater than 2 (--keep-fd) (#4845)
-  * new condition: ALLOW_TRAY (#4510 #4599)
+  * modifs: nogroups now stopped causing certain system groups to be dropped,
-  * remove (some) environment variables with auth-tokens (#4157)
+    which are now controlled by the relevant "no" options instead (such as
+    nosound -> drop audio group), which fixes device access issues on systems
+    not using (e)logind (such as with seatd) (#4632 #4725 #4732 #4851)
+  * removal: --disable-whitelist at compile time
+  * removal: whitelist=yes/no in /etc/firejail/firejail.config
  * bugfix: Fix sndio support (#4362 #4365)
  * bugfix: Error mounting tmpfs (MS_REMOUNT flag not being cleared) (#4387)
  * bugfix: --build clears the environment (#4460 #4467)
@@ -31,6 +35,9 @@ firejail (0.9.68rc2) baseline; urgency=low
  * bugfix: firecfg does not work with symlinks (discord.desktop) (#4235)
  * bugfix: Seccomp list output goes to stdout instead of stderr (#4328)
  * bugfix: private-etc does not work with symlinks (#4887)
+  * docs: fix contradictory descriptions of machine-id ("preserves" vs
+    "spoofs") (#4689)
+  * docs: Document that private-bin and private-etc always accumulate (#4078)
  * new includes: whitelist-run-common.inc (#4288), disable-X11.inc (#4462)
  * removed includes: disable-passwordmgr.inc (#4454 #4461)
  * new profiles: microsoft-edge-beta, clion-eap, lifeograph, zim
author	netblue30 <netblue30@protonmail.com>	2022-02-05 10:40:02 -0500
committer	GitHub <noreply@github.com>	2022-02-05 10:40:02 -0500
commit	c7c11eba68c9ae0daacbbd897e6ad3927f804689 (patch)
tree	3b95e14f5e3a1d8ea421d02464f93d7b2c30be92 /RELNOTES
parent	RELNOTES: add allow apostrophe in whitelist and blacklist (diff)
parent	RELNOTES: add docs and group keeping/dropping modifs (diff)
download	firejail-c7c11eba68c9ae0daacbbd897e6ad3927f804689.tar.gz firejail-c7c11eba68c9ae0daacbbd897e6ad3927f804689.tar.zst firejail-c7c11eba68c9ae0daacbbd897e6ad3927f804689.zip

diff --git a/RELNOTES b/RELNOTES index fbaf12716..c2281bec9 100644 --- a/RELNOTES +++ b/RELNOTES
@@ -4,22 +4,26 @@ firejail (0.9.68rc2) baseline; urgency=low
4	(see README.md) (#4748)	4	(see README.md) (#4748)
5	* security: bugfix: private-cwd leaks access to the entire filesystem	5	* security: bugfix: private-cwd leaks access to the entire filesystem
6	(#4780); reported by Hugo Osvaldo Barrera	6	(#4780); reported by Hugo Osvaldo Barrera
7	* exit code: distinguish fatal signals by adding 128 (#4533)	7	* feature: remove (some) environment variables with auth-tokens (#4157)
8	* close file descriptors greater than 2 (--keep-fd) (#4845)	8	* feature: ALLOW_TRAY condition (#4510 #4599)
9	* intrusion detection system (--ids-init, --ids-check)	9	* feature: intrusion detection system (--ids-init, --ids-check)
10	* deterministic shutdown (--deterministic-exit-code,	10	* feature: deterministic shutdown command (--deterministic-exit-code,
11	--deterministic-shutdown) (#4635)	11	--deterministic-shutdown) (#4635)
12	* noprinters command (#4607 #4827)	12	* feature: noprinters command (#4607 #4827)
13	* network monitor (--nettrace)	13	* feature: network monitor (--nettrace)
14	* network locker (--netlock) (#4848)	14	* feature: network locker (--netlock) (#4848)
15	* whitelist-ro profile command (#4740)	15	* feature: whitelist-ro profile command (#4740)
16	* Allow apostrophe in whitelist and blacklist (#4614)	16	* feature: Allow apostrophe in whitelist and blacklist (#4614)
17	* AppImage support in --build command (#4878)	17	* feature: AppImage support in --build command (#4878)
18	* build: firecfg.config is now installed to /etc/firejail/ (#4669)	18	* modifs: exit code: distinguish fatal signals by adding 128 (#4533)
19	* removed --disable-whitelist at compile time	19	* modifs: firecfg.config is now installed to /etc/firejail/ (#4669)
20	* removed whitelist=yes/no in /etc/firejail/firejail.config	20	* modifs: close file descriptors greater than 2 (--keep-fd) (#4845)
21	* new condition: ALLOW_TRAY (#4510 #4599)	21	* modifs: nogroups now stopped causing certain system groups to be dropped,
22	* remove (some) environment variables with auth-tokens (#4157)	22	which are now controlled by the relevant "no" options instead (such as
		23	nosound -> drop audio group), which fixes device access issues on systems
		24	not using (e)logind (such as with seatd) (#4632 #4725 #4732 #4851)
		25	* removal: --disable-whitelist at compile time
		26	* removal: whitelist=yes/no in /etc/firejail/firejail.config
23	* bugfix: Fix sndio support (#4362 #4365)	27	* bugfix: Fix sndio support (#4362 #4365)
24	* bugfix: Error mounting tmpfs (MS_REMOUNT flag not being cleared) (#4387)	28	* bugfix: Error mounting tmpfs (MS_REMOUNT flag not being cleared) (#4387)
25	* bugfix: --build clears the environment (#4460 #4467)	29	* bugfix: --build clears the environment (#4460 #4467)
@@ -31,6 +35,9 @@ firejail (0.9.68rc2) baseline; urgency=low
31	* bugfix: firecfg does not work with symlinks (discord.desktop) (#4235)	35	* bugfix: firecfg does not work with symlinks (discord.desktop) (#4235)
32	* bugfix: Seccomp list output goes to stdout instead of stderr (#4328)	36	* bugfix: Seccomp list output goes to stdout instead of stderr (#4328)
33	* bugfix: private-etc does not work with symlinks (#4887)	37	* bugfix: private-etc does not work with symlinks (#4887)
		38	* docs: fix contradictory descriptions of machine-id ("preserves" vs
		39	"spoofs") (#4689)
		40	* docs: Document that private-bin and private-etc always accumulate (#4078)
34	* new includes: whitelist-run-common.inc (#4288), disable-X11.inc (#4462)	41	* new includes: whitelist-run-common.inc (#4288), disable-X11.inc (#4462)
35	* removed includes: disable-passwordmgr.inc (#4454 #4461)	42	* removed includes: disable-passwordmgr.inc (#4454 #4461)
36	* new profiles: microsoft-edge-beta, clion-eap, lifeograph, zim	43	* new profiles: microsoft-edge-beta, clion-eap, lifeograph, zim