diff options
Diffstat (limited to 'RELNOTES')
| -rw-r--r-- | RELNOTES | 12 |
1 files changed, 9 insertions, 3 deletions
| @@ -13,8 +13,6 @@ firejail (0.9.45) baseline; urgency=low | |||
| 13 | * security: split seccomp filter code configuration in a separate executable | 13 | * security: split seccomp filter code configuration in a separate executable |
| 14 | * security: split file copying in private option in a separate executable | 14 | * security: split file copying in private option in a separate executable |
| 15 | * security: root exploit found by Sebastian Krahmer (CVE-2017-5180) | 15 | * security: root exploit found by Sebastian Krahmer (CVE-2017-5180) |
| 16 | * security: ~/.pki directory whitelisted and later blacklisted. This affects | ||
| 17 | most browsers, and disables the custom certificates installed by the user. | ||
| 18 | * feature: disable gnupg and systemd directories under /run/user | 16 | * feature: disable gnupg and systemd directories under /run/user |
| 19 | * feature: test coverage (gcov) support | 17 | * feature: test coverage (gcov) support |
| 20 | * feature: allow root user access to /dev/shm (--noblacklist=/dev/shm) | 18 | * feature: allow root user access to /dev/shm (--noblacklist=/dev/shm) |
| @@ -31,12 +29,20 @@ firejail (0.9.45) baseline; urgency=low | |||
| 31 | * feature: added a number o Python scripts for handling sandboxes | 29 | * feature: added a number o Python scripts for handling sandboxes |
| 32 | * feature: allow local customization using .local files under /etc/firejail | 30 | * feature: allow local customization using .local files under /etc/firejail |
| 33 | * feature: follow-symlink-as-user runtime config option in /etc/firejail/firejail.config | 31 | * feature: follow-symlink-as-user runtime config option in /etc/firejail/firejail.config |
| 32 | * feature: follow-symlink-private-bin option in /etc/firejail/firejail.config | ||
| 33 | * feature: xvfb X11 server support (--x11=xvfb) | ||
| 34 | * feature: allow /tmp directory in mkdir and mkfile profile commands | ||
| 35 | * feature: implemented --noblacklist command, profile support | ||
| 36 | * feature: config support to disable access to /mnt and /media (disable-mnt) | ||
| 37 | * feature: allow tmpfs for regular users for files in home directory | ||
| 38 | * feature: mount a tmpfs on top of ~/.cache directory by default | ||
| 39 | * feature: config support to disable tmpfs mounting on ~/.cache (cache-tmpfs) | ||
| 34 | * new profiles: xiphos, Tor Browser Bundle, display (imagemagik), Wire, | 40 | * new profiles: xiphos, Tor Browser Bundle, display (imagemagik), Wire, |
| 35 | * new profiles: mumble, zoom, Guayadeque, qemu, keypass2, xed, pluma, | 41 | * new profiles: mumble, zoom, Guayadeque, qemu, keypass2, xed, pluma, |
| 36 | * new profiles: Cryptocat, Bless, Gnome 2048, Gnome Calculator, | 42 | * new profiles: Cryptocat, Bless, Gnome 2048, Gnome Calculator, |
| 37 | * new profiles: Gnome Contacts, JD-GUI, Lollypop, MultiMC5, PDFSam, Pithos, | 43 | * new profiles: Gnome Contacts, JD-GUI, Lollypop, MultiMC5, PDFSam, Pithos, |
| 38 | * new profies: Xonotic, wireshark, keepassx2, QupZilla, FossaMail, | 44 | * new profies: Xonotic, wireshark, keepassx2, QupZilla, FossaMail, |
| 39 | * new profiles: Uzbl browser, iridium browser, Thunar | 45 | * new profiles: Uzbl browser, iridium browser, Thunar, Geeqie |
| 40 | * bugfixes | 46 | * bugfixes |
| 41 | -- netblue30 <netblue30@yahoo.com> Sun, 23 Oct 2016 08:00:00 -0500 | 47 | -- netblue30 <netblue30@yahoo.com> Sun, 23 Oct 2016 08:00:00 -0500 |
| 42 | 48 | ||