File firejail.changes of Package firejail
-------------------------------------------------------------------
Thu Jul 31 10:43:14 UTC 2025 - Sebastian Wagner <sebix@sebix.at>
- add new additional signing key support+releasesigning@divested.dev 6395FC9911EDCD6158712DF7BADFCABDDBF5B694
- Update to version 0.9.76:
* feature: use globbing in hardcoded numbered /dev paths (#2723 #6704)
* feature: add warn command (#6710)
* feature: use non-blocking flock calls (#6761)
* modif: block TPM devices & turn notpm command into keep-dev-tpm (#6698)
* modif: improve error messages in mountinfo.c (#6711)
* modif: use "Error:" in errExit message (#6716)
* modif: keep tss group if keep-dev-tpm is used (#6718)
* modif: keep /dev/tpmrm devices if keep-dev-tpm is used (#6719)
* modif: keep tcm/tcmrm devices if keep-dev-tpm is used (#6724)
* modif: improve "Failed mount" error messages in util.c (#6747)
* modif: improve fcopy error messages in check() (#6801)
* modif: fcopy: try normal case first instead of last in check() (#6804)
* modif: improve new network namespace error message (#6824)
* modif: improve error messages in sandbox.c/sbox.c (#6825)
* bugfix: fix flock debug messages going to stderr (#6712)
* bugfix: add missing selinux relabeling for /dev paths (#6734)
* bugfix: fix potential deadlock with flock + SIGTSTP (#6729 #6750)
* bugfix: fcopy: add /usr/share + "runner:root" exception to fix CI (#6797 #6803)
* bugfix: fcopy: allow /etc/resolv.conf owned by systemd-resolve (#4545 #6808)
* bugfix: fix "Not enforcing Landlock" message always being printed (#6806)
* bugfix: add NULL check for cmdline in find_child() (#6840)
* build: use TARNAME in SYSCONFDIR/VARDIR (#6713)
* build: add localstatedir and use in VARDIR (#6715)
* build: replace SYSCONFDIR with @sysconfdir@ (#6737)
* ci: upgrade debian:buster to debian:bullseye (#6832)
* docs: improve URL formatting in man pages (#6706)
* docs: clarify --private bug in man pages (#6805)
* docs: fix man formatting of landlock.enforce (#6807)
* profiles: split commands that increase/reduce access (#6687)
* profiles: firefox: add comment about creating PWA shortcuts (#6689)
* profiles: add more xorg paths (#6708)
* profiles: fix include of deprecated disable-X11.inc (uppercase) (#6709)
* profiles: godot: remove noinput so gamepads work (#6707)
* profiles: remove mkdir ~/.pki (#6732)
* profiles: mpv: remove mkfile ~/.netrc (#6735)
* profiles: curl: allow ~/.netrc (#6736)
* profiles: discord-common: add env to private-bin (#6738)
* profiles: firecfg: disable checksum programs (#6755)
* profiles: rssguard: allow lua (#6758 #6759)
* profiles: wine: allow python to fix Epic Games Launcher (#6762 #6763)
* profiles: wusc: add /usr/share/xkeyboard-config-2 (#6773 #6775)
* profiles: chafa: quiet output (#6777)
* profiles: ripperx/sound-juicer: fix profile name typos (#6780)
* profiles: ani-cli: add mpv to private-etc for plugins access (#6779)
* profiles: use private-etc groups in more profiles (#6783)
* profiles: firecfg: disable foliate (#6784)
* profiles: finish converting private-opt to whitelist (#6785)
* profiles: replace hosts.conf with host.conf in private-etc (#6791)
* profiles: makedeb: allow dpkg (#6816)
* profiles: kate: fix network access (#6815 #6823)
* profiles: keepassxc: add x11 group to private-etc (#6827 #6828)
* profiles: allow org.kde.kwalletd6 for Plasma 6 systems (#6819)
* profiles: xreader: disable no3d to fix startup (#6829)
* profiles: firefox: add alternative tridactylrc path (#6720 #6721)
* new profile: ansel (#6751)
-------------------------------------------------------------------
Sat Jul 19 11:11:41 UTC 2025 - Sebastian Wagner <sebix@sebix.at>
- update to version 0.9.74:
* security: fix sscanf rv checks (CodeQL) (#6184)
* feature: private-etc rework: improve handling of /etc/resolv.conf and add
* private-etc groups (#6400 #5518 #5608 #5609 #5629 #5638 #5641 #5642 #5643
* #5650 #5681 #5737 #5844 #5989 #6016 #6104 #5655 #6435 #6514 #6515)
* feature: Add "keep-shell-rc" command and option (#1127 #5634)
* feature: Print the argument when failing with "too long arguments" (#5677)
* feature: a random hostname is assigned to each sandbox unless
* overwritten using --hostname command
* feature: add IPv6 support for --net.print option
* feature: QUIC (HTTP/3) support in --nettrace
* feature: add seccomp filters for --restrict-namespaces
* feature: stats support for --nettrace
* feature: add doas support in firecfg and jailcheck (#5899 #5900)
* feature: firecfg: add firecfg.d & add ignore command (#2097 #5245 #5876
* #6153 #6268)
* feature: expand simple macros in more commands (--chroot= --netfilter=
* --netfilter6= --trace=) (#6032 #6109)
* feature: add Landlock support (#5269 #6078 #6115 #6125 #6187 #6195 #6200
* #6228 #6260 #6302 #6305)
* feature: add support for comm, coredump, and prctl procevents in firemon
* (#6414 #6415)
* feature: add notpm command & keep tpm devices in private-dev (#6379 #6390)
* feature: fshaper.sh: support tc on NixOS (#6426 #6431)
* feature: add aarch64 syscalls (#5821 #6574)
* feature: add --disable-sandbox-check configure flag (#6592)
* feature: block /dev/ntsync & add keep-dev-ntsync command (#6655 #6660)
* modif: Stop forwarding own double-dash to the shell (#5599 #5600)
* modif: Prevent sandbox name (--name=) and host name (--hostname=)
* from containing only digits (#5578 #5741)
* modif: Escape control characters of the command line (#5613)
* modif: Allow mostly only ASCII letters and digits for sandbox name
* (--name=) and host name (--hostname=) (#5708 #5856)
* modif: make private-lib a configure-time option, disabled by default (see
* --enable-private-lib) (#5727 #5732)
* modif: Improve --version/--help & print version on startup (#5829 #6172)
* modif: improve errExit error messages (#5871)
* modif: drop deprecated 'shell' option references (#5894)
* modif: keep pipewire group unless nosound is used (#5992 #5993)
* modif: fcopy: use lstat when copying directory (#5378 #5957)
* modif: private-dev: keep /dev/kfd unless no3d is used (#6380)
* modif: keep /sys/module/nvidia* if prop driver and no no3d (#6372 #6387)
* modif: clarify error messages in profile.c (#6605)
* modif: keep plugdev group unless nou2f is used (#6664)
* removal: firemon: remove --interface option (it duplicates the firejail
* --net.print= option) (0e48f99)
* removal: remove support for LTS and firetunnel (db09546)
* bugfix: fix --hostname and --hosts-file commands
* bugfix: fix examples in firejail-local AppArmor profile (#5717)
* bugfix: arp.c: ensure positive timeout on select(2) (#5806)
* bugfix: Wrong syscall names for s390_pci_mmio_read and s390_pci_mmio_write
* (#5965 #5976)
* bugfix: firejail --ls reports wrong file sizes for large files (#5982
* #6086)
* bugfix: fix startup race condition for /run/firejail directory (#6307)
* bugfix: fix various resource leaks (#6367)
* bugfix: profstats: fix restrict-namespaces max count (#6369)
* bugfix: remove --noautopulse from --help and zsh comp (#6401)
* bugfix: parse --debug before using it (#6579)
* bugfix: fix possible memory leak in fs_home.c (#6598)
* bugfix: do not interact with dbus directory if dbus proxy is disabled
* (#6591)
* bugfix: firecfg: check full .desktop filename in check_profile() (#6674)
* build: auto-generate syntax files (#5627)
* build: mark all phony targets as such (#5637)
* build: mkdeb.sh: pass all arguments to ./configure (#5654)
* build: deb: enable apparmor by default & remove deb-apparmor (#5668)
* build: Fix whitespace and add .editorconfig (#5674)
* build: remove for loop initial declarations to fix building with old
* compilers (#5778)
* build: enable compiler warnings by default (#5842)
* build: remove -mretpoline and NO_EXTRA_CFLAGS (#5859)
* build: disable all built-in implicit make rules (#5864)
* build: organize and standardize make vars and targets (#5866)
* build: fix seccomp filters and man pages always being rebuilt when running
* make (#5156 #5898)
* build: fix hardcoded make & remove unnecessary distclean targets (#5911)
* build: dist and asc improvements (#5916)
* build: fix some shellcheck issues & use config.sh in more scripts (#5927)
* build: firecfg.config sorting improvements (#5942)
* build: codespell improvements (#5955)
* build: add missing makefile dep & syntax improvements (#5956)
* build: sort.py: use case-sensitive sorting (#6070)
* build: mkrpm.sh: append instead of override configure args (#6126)
* build: use CPPFLAGS instead of INCLUDE in compile targets (#6159)
* build: use full paths on compile/link targets (#6158)
* build: automatically generate header dependencies (#6164)
* build: improve main clean target (#6186)
* build: mkrpm.sh improvements (#6196)
* build: move errExit macro into inline function (#6217)
* build: allow overriding certain tools & sync targets with CI (#6222)
* build: reduce hardcoding and inconsistencies & add installcheck target
* (#6230 #6620)
* build: sort.py: filter empty and duplicate items (#6261)
* build: fix "warning: "_FORTIFY_SOURCE" redefined" (#6282 #6283)
* build: sort.py: add -h/-i/-n/-- options (#6290 #6339 #6562)
* build: add strip target and simplify install targets (#6342)
* build: remove clean dependency from cppcheck targets (#6343)
* build: allow overriding common tools (#6354)
* build: standardize install commands (#6366)
* build: improve reliability/portability of date command usage (#6403 #6404)
* build: sort.py: strip whitespace in profiles (#6556)
* build: sort.py: fix whitespace in entire profile (#6593)
* build: sort.py: quote diff lines (#6594)
* build: remove cppcheck-old target/job (#6676)
* ci: always update the package db before installing packages (#5742)
* ci: fix codeql unable to download its own bundle (#5783)
* ci: split configure/build/install commands on gitlab (#5784)
* ci: fix swapped name/email arguments in debian_ci (#5795)
* ci: formatting and misc improvements (#5802)
* ci: run for every branch instead of just master (#5815)
* ci: upgrade debian:stretch to debian:buster (#5818)
* ci: standardize apt-get update/install & misc improvements (#5857)
* ci: Update step-security/harden-runner and update allowed endpoints (#5953)
* ci: whitelist paths, reorganize workflows & speed-up tests (#5960 #6627)
* ci: fix dependabot duplicated workflow runs (#5984)
* ci: allow running workflows manually (#6026)
* ci: add timeout limits (#6178)
* ci: make dependabot updates monthly and bump PR limit (#6338)
* contrib/syntax: remove 'text/plain' from firejail-profile.lang.in (#6057
* #6059)
* contrib/vim: match profile files more broadly (#5850)
* contrib/vim: add ftplugin file (based on cfg.vim) (#6680)
* test: split individual test groups in github workflows
* test: add chroot, appimage and network tests in github workflows
* docs: remove apparmor options in --help when building without apparmor
* support (#5589)
* docs: fix typos (#5693)
* docs: markdown formatting and misc improvements (#5757)
* docs: add uninstall instructions to README.md (#5812)
* docs: add precedence info to manpage & fix noblacklist example (#6358
* #6359)
* docs: bug_report.md: use absolute path in 'steps to reproduce' (#6382)
* docs: man: format and sort some private- items (#6398)
* docs: man: improve blacklist/whitelist examples with spaces (#6425)
* docs: add build_issue.md issue template (#6423)
* docs: man: sort commands (firejail.1) (#6451)
* docs: man: fix bold in command TPs (#6472)
* docs: man: fix wrong escapes (#6474)
* docs: github: streamline environment in issue templates (#6471 #6607)
* docs: fix typos of --enable-selinux configure option (#6526)
* docs: clarify intro and build section in README (#6524)
* docs: clarify that other tools may not be in PPA (#6407)
* docs: use GitHub issues as the bug reporting address (#6525)
* docs: update distribution table & add note in SECURITY.md (#6624)
* docs: clarify unmaintained status of overlayfs in configure.ac (#6632)
* docs: improve whitelist and blacklist descriptions in man pages (#6622)
* docs: note that --build may generate a non-functional profile (#6653)
* legal: selinux.c: Split Copyright notice & use same license as upstream
* (#5667)
* profiles: qutebrowser: fix links not opening in the existing instance
* (#5601 #5618)
* profiles: clarify userns comments (#5686)
* profiles: bulk rename electron to electron-common (#5700)
* profiles: streamline seccomp socket comment (#5735)
* profiles: drop hostname option from all profiles (#5702)
* profiles: move read-only config entries to disable-common.inc (#5763)
* profiles: standardize on just "GTK" on comments (#5794)
* profiles: bleachbit: allow erasing Trash contents (#5337 #5902)
* profiles: improvements to profiles using private (#5946)
* profiles: standardize commented code and eol comments (#5987)
* profiles: disable-common: add more suid programs (#6049 #6051 #6052)
* profiles: replace private-opt with whitelist & document private-opt issues
* (#6021)
* profiles: drop paths already in wusc (#6218)
* profiles: deny access to ~/.config/autostart (#6257)
* profiles: replace x11 socket blacklist with disable-X11.inc (#6286)
* profiles: sort blacklist sections (#6289)
* profiles: rename disable-X11.inc to disable-x11.inc (#6294)
* profiles: add allow-nodejs.inc to profile.template (#6298)
* profiles: add allow-php.inc to profile.template (#6299)
* profiles: clarify and add opengl-game to profile.template (#6300)
* profiles: allow-ssh: allow /etc/ssh/ssh_revoked_hosts (#6308 #6309)
* profiles: libreoffice: support signing documents with GPG (#6352 #6353)
* profiles: blacklist i3 IPC socket & dir except for i3 itself (#6361)
* profiles: librewolf: add new dbus name (io.gitlab.firefox) (#6413 #6473)
* profiles: nextcloud: fix access to ~/Nextcloud (#5877 #6478)
* profiles: ssh: add ${RUNUSER}/gvfsd-sftp (#5816 #6479)
* profiles: firecfg: disable text editors (#6002 #6477)
* profiles: browsers: centralize/sync/improve comments (#6486)
* profiles: keepassxc: add new socket location (#5447 #6391)
* profiles: signal-desktop: allow org.freedesktop.secrets (#6498)
* profiles: firefox-common: allow org.freedesktop.portal.Documents (#6444
* #6499)
* profiles: keepassxc: allow access to ssh-agent socket (#3314 #6531)
* profiles: firecfg.config: disable dnsmasq (#6533)
* profiles: game-launchers: disable nou2f (#6534)
* profiles: anki: fix opening, allow media & add to firecfg (#6544 #6545)
* profiles: wget: allow ~/.local/share/wget (#6542)
* profiles: wget: unify wget2 into wget profile (#6551)
* profiles: tesseract: disable private-tmp to fix ocrmypdf (#6550 #6552)
* profiles: ensure allow-lua where mpv is allowed (#6555)
* profiles: video-players: add missing /usr/share paths (#6557)
* profiles: clamav: add /etc/clamav (#6565)
* profiles: lutris: add comment for gamescope workaround (#6192)
* profiles: disable-common: add bubblejail paths (#6571)
* profiles: fix misc in kmail/transmission-qt & add kontact.profile (#5905)
* profiles: misc changes and self-ref fixes in ghostwriter/peek (#5648)
* profiles: firecfg: fix sha384sum & add b2sum/cksum (#6578)
* profiles: refactor com.github.johnfactotum.Foliate into foliate.profile
* (#6582)
* profiles: anki: fix dark mode detection & misc changes (#6581)
* profiles: tor: add memory-deny-write-execute (#6641)
* profiles: torbrowser-launcher: move path from dc to dp (#6640)
* profiles: ytmdesktop: add redirect & whitelist /opt/ytmdesktop (#6662
* #6666)
* profiles: seahorse: add redirect org.gnome.seahorse.Application (#6658
* #6673)
* profiles: godot: ignore noexec in home to fix addons (#6686)
* new profiles: qpdf and redirects (fix-qdf, qpdf, zlib-flate) (#5675)
* new profiles: parsecd (#5646 #5682)
* new profiles: lobster (#5706 #5847 #5885 #6155)
* new profiles: ani-cli (#5707 #5733 #5892 #5954)
* new profiles: discord redirects (DiscordPTB, discord-ptb) (#5729)
* new profiles: jami and postman (#5691)
* new profiles: mov-cli (#5710)
* new profiles: standard-notes (#5761)
* new profiles: url-eater (#5780)
* new profiles: fbreader redirect (FBReader) (d88c8d4)
* new profiles: rssguard (#5881)
* new profiles: mullvad-browser (#5887)
* new profiles: sniffnet (#5920)
* new profiles: daisy (#5935)
* new profiles: reader (#5934)
* new profiles: journal-viewer (#5943)
* new profiles: clac (#5947)
* new profiles: blender redirect (blender-3.6) (#6013)
* new profiles: fluffychat (#6007)
* new profiles: lettura (#6027)
* new profiles: brz and bzr (Breezy) (#6028)
* new profiles: floorp (#6030 #6683)
* new profiles: tidal-hifi (#6008 #6009)
* new profiles: termshark (#6039)
* new profiles: tiny-rdm (#6083)
* new profiles: rawtherapee (#6180)
* new profiles: electron-cash (#6181)
* new profiles: gnome-boxes (#6226)
* new profiles: virt-manager (#6227)
* new profiles: ledger-live-desktop (#6219)
* new profiles: lz4 and redirects (#6241)
* new profiles: qt5ct (#6249)
* new profiles: qt6ct (#6250)
* new profiles: green-recoder (#6237)
* new profiles: bpftop (#6231)
* new profiles: erd (#6236)
* new profiles: lyriek (#6245)
* new profiles: statusof (#6253)
* new profiles: cloneit (#6232)
* new profiles: deadlink (#6233)
* new profiles: dexios (#6234)
* new profiles: koreader (#6243)
* new profiles: editorconfiger (#6235)
* new profiles: localsend_app (#6244)
* new profiles: rymdport (#6251)
* new profiles: textroom (#6254)
* new profiles: tvnamer (#6256)
* new profiles: mimetype (#6247)
* new profiles: session-desktop (#6259)
* new profiles: metadata-cleaner (#6246)
* new profiles: tqemu (#6255)
* new profiles: gh (GitHub CLI) (#6293)
* new profiles: axel (#6315)
* new profiles: several kids programs (alienblaster geki2 geki3 lbreakouthd
* tuxtype typespeed) (4c5f558)
* new profiles: loupe (#6327 #6333)
* new profiles: d-spy (#6328)
* new profiles: nhex (#6341)
* new profiles: armcord (#6365)
* new profiles: dtui (#6422)
* new profiles: singularity (Endgame: Singularity) (#6463)
* new profiles: prismlauncher (#6558)
* new profiles: irssi (#6549)
* new profiles: syncthing (#6536)
* new profiles: obsidian (#6314)
* new profiles: b3sum (blake3) (#6577)
* new profiles: aria2p/aria2rpc (#6583 #6609)
* new profiles: buku (#6584)
* new profiles: monero-wallet-cli (#6586)
* new profiles: tremc (#6590)
* new profiles: device-flasher.linux (CalyxOS) (#6616)
* new profiles: hledger/hledger-ui (#6585)
* new profiles: ncmpcpp (#6587)
* new profiles: pyradio (#6589)
* new profiles: vesktop (#6654)
* new profiles: nsxiv (#6588)
* new profiles: remmina-file-wrapper (#6669)
* new profiles: ouch (#6678)
* new profiles: xarchiver (#6679)
-------------------------------------------------------------------
Thu Jan 9 21:42:45 UTC 2025 - Christian Boltz <suse-beta@cboltz.de>
- Load/reload AppArmor profiles when installing the package (boo#1235142#c1)
-------------------------------------------------------------------
Sun Feb 4 19:16:55 UTC 2024 - Arjen de Korte <suse+build@de-korte.org>
- Use sysuser-tools to generate firejail group
-------------------------------------------------------------------
Sun Apr 9 14:43:39 UTC 2023 - Sebastian Wagner <sebix@sebix.at>
- update to version 0.9.72:
* modif: move hardcoded apps recognized by default in uiapps file
* modif: remove sandbox edit dialog and replace it with uiapps file
* feature: added uiapps file for default and user apps configuration
* feature: added a system network monitor in sandbox stats
* feature: added apparmor support in firejail-ui
* feature: added bluetooth support in firejail-ui
* feature: print final sandbox configuration in firejail-ui
* bugfixes
-------------------------------------------------------------------
Tue Jun 14 20:21:18 UTC 2022 - Sebastian Wagner <sebix@sebix.at>
- remove patches fix-internet-access.patch and fix-CVE-2022-31214.patch
as they are integrated upstream
- update to version 0.9.70:
- security: CVE-2022-31214 - root escalation in --join logic
- Reported by Matthias Gerstner, working exploit code was provided to our
- development team. In the same time frame, the problem was independently
- reported by Birk Blechschmidt. Full working exploit code was also provided.
- feature: enable shell tab completion with --tab (#4936)
- feature: disable user profiles at compile time (#4990)
- feature: Allow resolution of .local names with avahi-daemon in the apparmor
- profile (#5088)
- feature: always log seccomp errors (#5110)
- feature: firecfg --guide, guided user configuration (#5111)
- feature: --oom, kernel OutOfMemory-killer (#5122)
- modif: --ids feature needs to be enabled at compile time (#5155)
- modif: --nettrace only available to root user
- rework: whitelist restructuring (#4985)
- rework: firemon, speed up and lots of fixes
- bugfix: --private-cwd not expanding macros, broken hyperrogue (#4910)
- bugfix: nogroups + wrc prints confusing messages (#4930 #4933)
- bugfix: openSUSE Leap - whitelist-run-common.inc (#4954)
- bugfix: fix printing in evince (#5011)
- bugfix: gcov: fix gcov functions always declared as dummy (#5028)
- bugfix: Stop warning on safe supplementary group clean (#5114)
- build: remove ultimately unused INSTALL and RANLIB check macros (#5133)
- build: mkdeb.sh.in: pass remaining arguments to ./configure (#5154)
- ci: replace centos (EOL) with almalinux (#4912)
- ci: fix --version not printing compile-time features (#5147)
- ci: print version after install & fix apparmor support on build_apparmor
- (#5148)
- docs: Refer to firejail.config in configuration files (#4916)
- docs: firejail.config: add warning about allow-tray (#4946)
- docs: mention that the protocol command accumulates (#5043)
- docs: mention inconsistent homedir bug involving --private=dir (#5052)
- docs: mention capabilities(7) on --caps (#5078)
- new profiles: onionshare, onionshare-cli, opera-developer, songrec
- new profiles: node-gyp, npx, semver, ping-hardened
- removed profiles: nvm
-------------------------------------------------------------------
Wed Jun 8 21:08:03 UTC 2022 - Sebastian Wagner <sebix@sebix.at>
- fix bsc#1199148 CVE-2022-31214 by adding patch fix-CVE-2022-31214.patch
using commits from upstream.
-------------------------------------------------------------------
Mon Feb 28 19:38:38 UTC 2022 - Sebastian Wagner <sebix@sebix.at>
- add fix-internet-access.patch to fix boo#1196542
-------------------------------------------------------------------
Sun Feb 6 21:09:00 UTC 2022 - Sebastian Wagner <sebix@sebix.at>
- update to firejail 0.9.68:
- security: on Ubuntu, the PPA is now recommended over the distro package
- (see README.md) (#4748)
- security: bugfix: private-cwd leaks access to the entire filesystem
- (#4780); reported by Hugo Osvaldo Barrera
- feature: remove (some) environment variables with auth-tokens (#4157)
- feature: ALLOW_TRAY condition (#4510 #4599)
- feature: add basic Firejail support to AppArmor base abstraction (#3226
- #4628)
- feature: intrusion detection system (--ids-init, --ids-check)
- feature: deterministic shutdown command (--deterministic-exit-code,
- --deterministic-shutdown) (#928 #3042 #4635)
- feature: noprinters command (#4607 #4827)
- feature: network monitor (--nettrace)
- feature: network locker (--netlock) (#4848)
- feature: whitelist-ro profile command (#4740)
- feature: disable pipewire with --nosound (#4855)
- feature: Unset TMP if it doesn't exist inside of sandbox (#4151)
- feature: Allow apostrophe in whitelist and blacklist (#4614)
- feature: AppImage support in --build command (#4878)
- modifs: exit code: distinguish fatal signals by adding 128 (#4533)
- modifs: firecfg.config is now installed to /etc/firejail/ (#408 #4669)
- modifs: close file descriptors greater than 2 (--keep-fd) (#4845)
- modifs: nogroups now stopped causing certain system groups to be dropped,
- which are now controlled by the relevant "no" options instead (such as
- nosound -> drop audio group), which fixes device access issues on systems
- not using (e)logind (such as with seatd) (#4632 #4725 #4732 #4851)
- removal: --disable-whitelist at compile time
- removal: whitelist=yes/no in /etc/firejail/firejail.config
- bugfix: Fix sndio support (#4362 #4365)
- bugfix: Error mounting tmpfs (MS_REMOUNT flag not being cleared) (#4387)
- bugfix: --build clears the environment (#4460 #4467)
- bugfix: firejail hangs with net parameter (#3958 #4476)
- bugfix: Firejail does not work with a custom hosts file (#2758 #4560)
- bugfix: --tracelog and --trace override /etc/ld.so.preload (#4558 #4586)
- bugfix: PATH_MAX is undeclared on musl libc (#4578 #4579 #4583 #4606)
- bugfix: firejail symlinks are not skipped with private-bin + globs (#4626)
- bugfix: Firejail rejects empty arguments (#4395)
- bugfix: firecfg does not work with symlinks (discord.desktop) (#4235)
- bugfix: Seccomp list output goes to stdout instead of stderr (#4328)
- bugfix: private-etc does not work with symlinks (#4887)
- bugfix: Hardware key not detected on keepassxc (#4883)
- build: allow building with address sanitizer (#4594)
- build: Stop linking pthread (#4695)
- build: Configure cleanup and improvements (#4712)
- ci: add profile checks for sorting disable-programs.inc and
- firecfg.config and for the required arguments in private-etc (#2739 #4643)
- ci: pin GitHub actions to SHAs and use Dependabot to update them (#4774)
- docs: Add new command checklist to CONTRIBUTING.md (#4413)
- docs: Rework bug report issue template and add both a question and a
- feature request template (#4479 #4515 #4561)
- docs: fix contradictory descriptions of machine-id ("preserves" vs
- "spoofs") (#4689)
- docs: Document that private-bin and private-etc always accumulate (#4078)
- new includes: whitelist-run-common.inc (#4288), disable-X11.inc (#4462)
- new includes: disable-proc.inc (#4521)
- removed includes: disable-passwordmgr.inc (#4454 #4461)
- new profiles: microsoft-edge-beta, clion-eap, lifeograph, zim
- new profiles: io.github.lainsce.Notejot, rednotebook, gallery-dl
- new profiles: yt-dlp, goldendict, goldendict, bundle, cmake
- new profiles: make, meson, pip, codium, telnet, ftp, OpenStego
- new profiles: imv, retroarch, torbrowser, CachyBrowser,
- new profiles: notable, RPCS3, wget2, raincat, conitop, 1passwd,
- new profiles: Seafile, neovim, com.github.tchx84.Flatseal
-------------------------------------------------------------------
Sun Jul 18 16:45:49 UTC 2021 - Andreas Stieger <andreas.stieger@gmx.de>
- firejail 0.9.66:
* deprecated --audit options, relpaced by jailcheck utility
* deprecated follow-symlink-as-user from firejail.config
* new firejail.config settings: private-bin, private-etc
* new firejail.config settings: private-opt, private-srv
* new firejail.config settings: whitelist-disable-topdir
* new firejail.config settings: seccomp-filter-add
* removed kcmp syscall from seccomp default filter
* rename --noautopulse to keep-config-pulse
* filtering environment variables
* zsh completion
* command line: --mkdir, --mkfile
* --protocol now accumulates
* jailtest utility for testing running sandboxes
* faccessat2 syscall support
* --private-dev keeps /dev/input
* added --noinput to disable /dev/input
* add support for subdirs in --private-etc
* subdirs support in private-etc
* input devices support in private-dev, --no-input
* support trailing comments on profile lines
* many new profiles
- split shell completion into standard subpackages
-------------------------------------------------------------------
Sun Feb 7 23:09:58 UTC 2021 - Илья Индиго <ilya@ilya.pp.ua>
- Update to 0.9.64.4:
* disabled overlayfs, pending multiple fixes
* fixed launch firefox for open url in telegram-desktop.profile
-------------------------------------------------------------------
Thu Jan 28 18:35:06 UTC 2021 - Илья Индиго <ilya@ilya.pp.ua>
- Update to 0.9.64.2:
* allow --tmpfs inside $HOME for unprivileged users
* --disable-usertmpfs compile time option
* allow AF_BLUETOOTH via --protocol=bluetooth
* setup guide for new users: contrib/firejail-welcome.sh
* implement netns in profiles
* added nolocal6.net IPv6 network filter
* new profiles: spectacle, chromium-browser-privacy,
gtk-straw-viewer, gtk-youtube-viewer, gtk2-youtube-viewer,
gtk3-youtube-viewer, straw-viewer, lutris, dolphin-emu,
authenticator-rs, servo, npm, marker, yarn, lsar, unar, agetpkg,
mdr, shotwell, qnapi, new profiles: guvcview, pkglog, kdiff3, CoyIM.
-------------------------------------------------------------------
Mon Nov 2 19:44:51 UTC 2020 - Sebastian Wagner <sebix@sebix.at>
- packaging fixes
-------------------------------------------------------------------
Sun Nov 1 16:58:56 UTC 2020 - Sebastian Wagner <sebix@sebix.at>
- Update to version 0.9.64:
* replaced --nowrap option with --wrap in firemon
* The blocking action of seccomp filters has been changed from
killing the process to returning EPERM to the caller. To get the
previous behaviour, use --seccomp-error-action=kill or
syscall:kill syntax when constructing filters, or override in
/etc/firejail/firejail.config file.
* Fine-grained D-Bus sandboxing with xdg-dbus-proxy.
xdg-dbus-proxy must be installed, if not D-Bus access will be allowed.
With this version nodbus is deprecated, in favor of dbus-user none and
dbus-system none and will be removed in a future version.
* DHCP client support
* firecfg only fix dektop-files if started with sudo
* SELinux labeling support
* custom 32-bit seccomp filter support
* restrict ${RUNUSER} in several profiles
* blacklist shells such as bash in several profiles
* whitelist globbing
* mkdir and mkfile support for /run/user directory
* support ignore for include
* --include on the command line
* splitting up media players whitelists in whitelist-players.inc
* new condition: HAS_NOSOUND
* new profiles: gfeeds, firefox-x11, tvbrowser, rtv, clipgrab, muraster
* new profiles: gnome-passwordsafe, bibtex, gummi, latex, mupdf-x11-curl
* new profiles: pdflatex, tex, wpp, wpspdf, wps, et, multimc, mupdf-x11
* new profiles: gnome-hexgl, com.github.johnfactotum.Foliate, mupdf-gl, mutool
* new profiles: desktopeditors, impressive, planmaker18, planmaker18free
* new profiles: presentations18, presentations18free, textmaker18, teams
* new profiles: textmaker18free, xournal, gnome-screenshot, ripperX
* new profiles: sound-juicer, com.github.dahenson.agenda, gnome-pomodoro
* new profiles: gnome-todo, x2goclient, iagno, kmplayer, penguin-command
* new profiles: frogatto, gnome-mines, gnome-nibbles, lightsoff, warmux
* new profiles: ts3client_runscript.sh, ferdi, abiword, four-in-a-row
* new profiles: gnome-mahjongg, gnome-robots, gnome-sudoku, gnome-taquin
* new profiles: gnome-tetravex, blobwars, gravity-beams-and-evaporating-stars
* new profiles: hyperrogue, jumpnbump-menu, jumpnbump, magicor, mindless
* new profiles: mirrormagic, mrrescue, scorched3d-wrapper, scorchwentbonkers
* new profiles: seahorse-adventures, wordwarvi, xbill, gnome-klotski
* new profiles: swell-foop, fdns, five-or-more, steam-runtime
* new profiles: nicotine, plv, mocp, apostrophe, quadrapassel, dino-im
* new profiles: hitori, bijiben, gnote, gnubik, ZeGrapher, xonotic-sdl-wrapper
* new profiles: gapplication, openarena_ded, element-desktop, cawbird
* new profiles: freetube, strawberry, jitsi-meet-desktop
* new profiles: homebank, mattermost-desktop, newsflash, com.gitlab.newsflash
* new profiles: sushi, xfce4-screenshooter, org.gnome.NautilusPreviewer, lyx
* new profiles: minitube, nuclear, mtpaint, minecraft-launcher, gnome-calendar
* new profiles: vmware, git-cola, otter-browser, kazam, menulibre, musictube
* new profiles: onboard, fractal, mirage, quaternion, spectral, man, psi
* new profiles: smuxi-frontend-gnome, balsa, kube, trojita, youtube
* new profiles: youtubemusic-nativefier, cola, dbus-send, notify-send
* new profiles: qrencode, ytmdesktop, twitch
* new profiles: xournalpp, chromium-freeworld, equalx
- remove firejail-0.9.62-fix-usr-etc.patch, included upstream
- remove firejail-apparmor-3.0.diff, included upstream
-------------------------------------------------------------------
Mon Oct 26 22:34:02 UTC 2020 - Christian Boltz <suse-beta@cboltz.de>
- Add firejail-apparmor-3.0.diff to make the AppArmor profile compatible with
AppArmor 3.0 (add missing include <tunables/global>)
-------------------------------------------------------------------
Wed Aug 19 06:15:16 UTC 2020 - Paolo Stivanin <info@paolostivanin.com>
- Update to 0.9.62.4
* fix AppArmor broken in the previous release
* miscellaneous fixes
-------------------------------------------------------------------
Thu Aug 13 06:13:57 UTC 2020 - Paolo Stivanin <info@paolostivanin.com>
- Update to 0.9.62.2
* fix CVE-2020-17367
* fix CVE-2020-17368
* additional hardening and bug fixes
- Remove fix-CVE-2020-17368.patch
- Remove fix-CVE-2020-17367.patch
-------------------------------------------------------------------
Sat Aug 8 16:56:43 UTC 2020 - Sebastian Wagner <sebix@sebix.at>
- Add patches fix-CVE-2020-17367.patch and fix-CVE-2020-17368.patch to fix CVE-2020-17367 and CVE-2020-17368 and boo#1174986
-------------------------------------------------------------------
Wed Apr 29 11:30:38 UTC 2020 - Michael Vetter <mvetter@suse.com>
- Add firejail-0.9.62-fix-usr-etc.patch:
Check /usr/etc not just /etc
- Replace python interpreter line in sort.py
-------------------------------------------------------------------
Tue Feb 11 22:32:46 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
- update to version 0.9.62
* added file-copy-limit in /etc/firejail/firejail.config
* profile templates (/usr/share/doc/firejail)
* allow-debuggers support in profiles
* several seccomp enhancements
* compiler flags autodetection
* move chroot entirely from path based to file descriptor based mounts
* whitelisting /usr/share in a large number of profiles
* new scripts in conrib: gdb-firejail.sh and sort.py
* enhancement: whitelist /usr/share in some profiles
* added signal mediation to apparmor profile
* new conditions: HAS_X11, HAS_NET
* new profiles: qgis, klatexformula, klatexformula_cmdl, links, xlinks
* new profiles: pandoc, teams-for-linux, OpenArena, gnome-sound-recorder
* new profiles: godot, tcpdump, tshark, newsbeuter, keepassxc-cli
* new profiles: keepassxc-proxy, rhythmbox-client, jerry, zeal, mpg123
* new profiles: conplay, mpg123.bin, mpg123-alsa, mpg123-id3dump, out123
* new profiles: mpg123-jack, mpg123-nas, mpg123-openal, mpg123-oss
* new profiles: mpg123-portaudio, mpg123-pulse, mpg123-strip, pavucontrol-qt
* new profiles: gnome-characters, gnome-character-map, rsync, Whalebird,
* new profiles: tor-browser (AUR), Zulip, tb-starter-wrapper, bzcat,
* new profiles: kiwix-desktop, bzcat, zstd, pzstd, zstdcat, zstdgrep, zstdless
* new profiles: zstdmt, unzstd, i2p, ar, gnome-latex, pngquant, kalgebra
* new profiles: kalgebramobile, signal-cli, amuled, kfind, profanity
* new profiles: audio-recorder, cameramonitor, ddgtk, drawio, unf, gmpc
* new profiles: electron-mail, gist, gist-paste
-------------------------------------------------------------------
Sun Jun 2 16:30:42 UTC 2019 - Sebastian Wagner <sebix@sebix.at>
- update to version 0.9.60:
* security bug reported by Austin Morton:
Seccomp filters are copied into /run/firejail/mnt, and are writable
within the jail. A malicious process can modify files from inside the
jail. Processes that are later joined to the jail will not have seccomp
filters applied.
CVE-2019-12589
boo#1137139
* memory-deny-write-execute now also blocks memfd_create
* add private-cwd option to control working directory within jail
* blocking system D-Bus socket with --nodbus
* bringing back Centos 6 support
* drop support for flatpak/snap packages
* new profiles: crow, nyx, mypaint, celluoid, nano, transgui, mpdris2
* new profiles: sysprof, simplescreenrecorder, geekbench, xfce4-mixer
* new profiles: pavucontrol, d-feet, seahorse, secret-tool, gnome-keyring
* new profiles: regextester, hardinfo, gnome-system-log, gnome-nettool
* new profiles: netactview, redshift, devhelp, assogiate, subdownloader
* new profiles: font-manager, exfalso, gconf-editor, dconf-editor
* new profiles: sysprof-cli, seahorse-tool, secret-tool, dconf, gsettings
* new profiles: code-oss, pragha, Maelstrom, ostrichriders, bzflag
* new profiles: freeciv, lincity-ng, megaglest, openttd, crawl, crawl-tiles
* new profiles: teeworlds, torcs, tremulous, warsow, lugaru, manaplus
* new profiles: pioneer, scorched3d, widelands, freemind, kid3, kid3-qt
* new profiles: kid3-cli, nomacs, freecol, opencity, openclonk, slashem
* new profiles: vultureseye, vulturesclaw, anki, cheese, utox, mp3splt
* new profiles: oggsplt, flacsplt, gramps, newsboat, freeoffice-planmaker
* new profiles: autokey-gtk, autokey-qt, autokey-run, autokey-shell
* new profiles: freeoffice-presentations, freeoffice-textmaker, mp3wrap
* new profiles: inkview, meteo-qt, mp3splt-gtk, ktouch, yelp, cantata
-------------------------------------------------------------------
Fri Feb 1 07:29:32 UTC 2019 - info@paolostivanin.com
- update to version 0.9.58:
* --disable-mnt rework
* --net.print command
* GitLab CI/CD integration: disto specific builds
* profile parser enhancements and conditional handling support
for HAS_APPIMAGE, HAS_NODBUS, BROWSER_DISABLE_U2F
* profile name support
* added explicit nonewprivs support to join option
* new profiles: QMediathekView, aria2c, Authenticator, checkbashisms
* new profiles: devilspie, devilspie2, easystroke, github-desktop, min
* new profiles: bsdcat, bsdcpio, bsdtar, lzmadec, lbunzip2, lbzcat
* new profiles: lbzip2, lzcat, lzcmp, lzdiff, lzegrep, lzfgrep, lzgrep
* new profiles: lzless, lzma, lzmainfo, lzmore, unlzma, unxz, xzcat
* new profiles: xzcmp, xzdiff, xzegrep, xzfgrep, xzgrep, xzless, xzmore
* new profiles: lzip, artha, nitroshare, nitroshare-cli, nitroshare-nmh
* new profiles: nirtoshare-send, nitroshare-ui, mencoder, gnome-pie
* new profiles: masterpdfeditor, QOwnNotes, aisleriot, Mendeley
* new profiles: feedreader, ocenaudio, mpsyt, thunderbird-wayland
* new profiles: supertuxkart, ghostwriter, gajim-history-manager
* bugfixes
-------------------------------------------------------------------
Sat Sep 22 09:11:21 UTC 2018 - Sebastian Wagner <sebix@sebix.at>
- update to version 0.9.56:
* modif: removed CFG_CHROOT_DESKTOP configuration option
* modif: removed compile time --enable-network=restricted
* modif: removed compile time --disable-bind
* modif: --net=none allowed even if networking was disabled at compile
time or at run time
* modif: allow system users to run the sandbox
* support wireless devices in --net option
* support tap devices in --net option (tunneling support)
* allow IP address configuration if the parent interface specified
by --net is not configured (--netmask)
* support for firetunnel utility
* disable U2F devices (--nou2f)
* add --private-cache to support private ~/.cache
* support full paths in private-lib
* globbing support in private-lib
* support for local user directories in firecfg (--bindir)
* new profiles: ms-excel, ms-office, ms-onenote, ms-outlook, ms-powerpoint,
* new profiles: ms-skype, ms-word, riot-desktop, gnome-mpv, snox, gradio,
* new profiles: standardnotes-desktop, shellcheck, patch, flameshot,
* new profiles: rview, rvim, vimcat, vimdiff, vimpager, vimtutor, xxd,
* new profiles: Beaker, electrum, clamtk, pybitmessage, dig, whois,
* new profiles: jdownloader, Fluxbox, Blackbox, Awesome, i3
* new profiles: start-tor-browser.desktop
-------------------------------------------------------------------
Tue Sep 11 08:12:48 UTC 2018 - Markos Chandras <mchandras@suse.de>
- Drop ldconfig calls since firejail libraries are installed in their
own subdirectory which is not scanned by ldconfig.
-------------------------------------------------------------------
Mon Sep 10 08:58:32 UTC 2018 - Markos Chandras <mchandras@suse.de>
- Remove the rpmlintrc file since the warnings are no longer relevant.
-------------------------------------------------------------------
Thu Aug 23 19:34:44 UTC 2018 - sebix@sebix.at
- Changed the permissions of the firejail executable to 4750.
Setuid mode is used, but only allowed for users in the newly
created group 'firejail' (boo#1059013).
- Update to version 0.9.54:
* modif: --force removed
* modif: --csh, --zsh removed
* modif: --debug-check-filename removed
* modif: --git-install and --git-uninstall removed
* modif: support for private-bin, private-lib and shell none has been
disabled while running AppImage archives in order to be able to use
our regular profile files with AppImages.
* modif: restrictions for /proc, /sys and /run/user directories
are moved from AppArmor profile into firejail executable
* modif: unifying Chromium and Firefox browsers profiles.
All users of Firefox-based browsers who use addons and plugins
that read/write from ${HOME} will need to uncomment the includes for
firefox-common-addons.inc in firefox-common.profile.
* modif: split disable-devel.inc into disable-devel and
disable-interpreters.inc
* Firejail user access database (/etc/firejail/firejail.users,
man firejail-users)
* add --noautopulse to disable automatic ~/.config/pulse (for complex setups)
* Spectre mitigation patch for gcc and clang compiler
* D-Bus handling (--nodbus)
* AppArmor support for overlayfs and chroot sandboxes
* AppArmor support for AppImages
* Enable AppArmor by default for a large number of programs
* firejail --apparmor.print option
* firemon --apparmor option
* apparmor yes/no flag in /etc/firejail/firejail.config
* seccomp syscall list update for glibc 2.26-10
* seccomp disassembler for --seccomp.print option
* seccomp machine code optimizer for default seccomp filters
* IPv6 DNS support
* whitelist support for overlay and chroot sandboxes
* private-dev support for overlay and chroot sandboxes
* private-tmp support for overlay and chroot sandboxes
* added sandbox name support in firemon
* firemon/prctl enhancements
* noblacklist support for /sys/module directory
* whitelist support for /sys/module directory
* new profiles: basilisk, Tor Browser language packs, PlayOnLinux, sylpheed,
* new profiles: discord-canary, pycharm-community, pycharm-professional,
* new profiles: pdfchain, tilp, vivaldi-snapshot, bitcoin-qt, kaffeine,
* new profiles: falkon, gnome-builder, asunder, VS Code, gnome-recipes,
* new profiles: akonadi_controle, evince-previewer, evince-thumbnailer,
* new profiles: blender-2.8, thunderbird-beta, ncdu, gnome-logs, gcloud,
* new profiles: musixmatch, gunzip, bunzip2, enchant-lsmod, enchant-lsmod-2,
* new profiles: enchant, enchant-2, Discord, acat, adiff, als, apack,
* new profiles: arepack, aunpack profiles, ppsspp, scallion, clion,
* new profiles: baloo_filemetadata_temp_extractor, AnyDesk, webstorm, xmind,
* new profiles: qmmp, sayonara
-------------------------------------------------------------------
Wed Dec 13 00:54:11 UTC 2017 - avindra@opensuse.org
- Update to version 0.9.52:
* New features
+ systemd-resolved integration
+ whitelisted /var in most profiles
+ GTK2, GTK3 and Qt4 private-lib support
+ --debug-private-lib
+ test deployment of private-lib for the some apps: evince,
galculator, gnome-calculator, leafpad, mousepad,
transmission-gtk, xcalc, xmr-stak-cpu, atril,
mate-color-select, tar, file, strings, gpicview, eom, eog,
gedit, pluma
+ netfilter template support
+ various new arguments
* --writable-run-user
* --rlimit-as
* --rlimit-cpu
* --timeout
* --build (profile build tool)
* --netfilter.print
* --netfilter6.print
* deprecations in modif
+ --allow-private-blacklists (blacklisting, read-only,
read-write, tmpfs and noexec are allowed in private home
directories
+ remount-proc-sys (firejail.config)
+ follow-symlink-private-bin (firejail.config)
+ --profile-path
* enhancements
+ support Firejail user config directory in firecfg
+ disable DBus activation in firecfg
+ enumerate root directories in apparmor profile
+ /etc and /usr/share whitelisting support
+ globbing support for --private-bin
* new profiles: upstreamed profiles from 3 sources:
+ https://github.com/chiraag-nataraj/firejail-profiles
+ https://github.com/nyancat18/fe
+ https://aur.archlinux.org/packages/firejail-profiles
* new profiles: terasology, surf, rocketchat, clamscan, clamdscan,
clamdtop, freshclam, xmr-stak-cpu, amule, ardour4, ardour5,
brackets, calligra, calligraauthor, calligraconverter,
calligraflow, calligraplan, calligraplanwork, calligrasheets,
calligrastage, calligrawords, cin, dooble, dooble-qt4,
fetchmail, freecad, freecadcmd, google-earth,imagej, karbon,
1kdenlive, krita, linphone, lmms, macrofusion, mpd, natron,
Natron, ricochet, shotcut, teamspeak3, tor, tor-browser-en,
Viber, x-terminal-emulator, zart, conky, arch-audit, ffmpeg,
bluefish, cinelerra, openshot-qt, pinta, uefitool, aosp,
pdfmod, gnome-ring, xcalc, zaproxy, kopete, cliqz,
signal-desktop, kget, nheko, Enpass, kwin_x11, krunner, ping,
bsdtar, makepkg (Arch), archaudit-report cower (Arch), kdeinit4
- Add full link to source tarball from sourceforge
- Add asc file
-------------------------------------------------------------------
Sat Sep 9 14:40:29 UTC 2017 - aavindraa@gmail.com
- Update to version 0.9.50:
* New features:
- per-profile disable-mnt (--disable-mnt)
- per-profile support to set X11 Xephyr screen size (--xephyr-screen)
- private /lib directory (--private-lib)
- disable CDROM/DVD drive (--nodvd)
- disable DVB devices (--notv)
- --profile.print
* modif: --output split in two commands, --output and --output-stderr
* set xpra-attach yes in /etc/firejail/firejail.config
* Enhancements:
- print all seccomp filters under --debug
- /proc/sys mounting
- rework IP address assingment for --net options
- support for newer Xpra versions (2.1+) -
- all profiles use a standard layout style
- create /usr/local for firecfg if the directory doesn't exist
- allow full paths in --private-bin
* New seccomp features:
- --memory-deny-write-execute
- seccomp post-exec
- block secondary architecture (--seccomp.block_secondary)
- seccomp syscall groups
- print all seccomp filters under --debug
- default seccomp list update
* new profiles:
curl, mplayer2, SMPlayer, Calibre, ebook-viewer, KWrite,
Geary, Liferea, peek, silentarmy, IntelliJ IDEA,
Android Studio, electron, riot-web, Extreme Tux Racer,
Frozen Bubble, Open Invaders, Pingus, Simutrans, SuperTux
telegram-desktop, arm, rambox, apktool, baobab, dex2jar, gitg,
hashcat, obs, picard, remmina, sdat2img, soundconverter
truecraft, gnome-twitch, tuxguitar, musescore, neverball
sqlitebrowse, Yandex Browser, minetest
-------------------------------------------------------------------
Tue Aug 15 15:47:49 CEST 2017 - tiwai@suse.de
- Update to version 0.9.48:
* modifs: whitelisted Transmission, Deluge, qBitTorrent,
KTorrent;
please use ~/Downloads directory for saving files
* modifs: AppArmor made optional; a warning is printed on the
screen if the sandbox fails to load the AppArmor profile
* feature: --novideo
* feature: drop discretionary access control capabilities for
root sandboxes
* feature: added /etc/firejail/globals.local for global
customizations
* feature: profile support in overlayfs mode
* new profiles: vym, darktable, Waterfox, digiKam, Catfish,
HandBrake
* bugfixes
-------------------------------------------------------------------
Mon Jan 16 16:33:59 CET 2017 - tiwai@suse.de
- Update to version 0.9.44.4:
* --bandwidth root shell found by Martin Carpenter (CVE-2017-5207)
* disabled --allow-debuggers when running on kernel versions prior
to 4.8; a kernel bug in ptrace system call allows a full bypass
of seccomp filter; problem reported by Lizzie Dixon (CVE-2017-5206)
* root exploit found by Sebastian Krahmer (CVE-2017-5180)
- Update to version 0.9.44.6:
* new fix for CVE-2017-5180 reported by Sebastian Krahmer last week
* major cleanup of file copying code
* tightening the rules for --chroot and --overlay features
* ported Gentoo compile patch
* Nvidia drivers bug in --private-dev
* fix ASSERT_PERMS_FD macro
* allow local customization using .local files under /etc/firejail
backported from our development branch
* spoof machine-id backported from our development branch
- Remove obsoleted patches:
firejail-CVE-2017-5180-fix1.patch
firejail-CVE-2017-5180-fix2.patch
-------------------------------------------------------------------
Thu Jan 5 10:38:43 CET 2017 - tiwai@suse.de
- Update to version 0.9.44.2:
Security fixes:
* overwrite /etc/resolv.conf found by Martin Carpenter
* TOCTOU exploit for –get and –put found by Daniel Hodson
* invalid environment exploit found by Martin Carpenter
* several security enhancements
Bugfixes:
* crashing VLC by pressing Ctrl-O
* use user configured icons in KDE
* mkdir and mkfile are not applied to private directories
* cannot open files on Deluge running under KDE
* –private=dir where dir is the user home directory
* cannot start Vivaldi browser
* cannot start mupdf
* ssh profile problems
* –quiet
* quiet in git profile
* memory corruption
- Fix VUL-0: local root exploit (CVE-2017-5180,bsc#1018259):
firejail-CVE-2017-5180-fix1.patch
firejail-CVE-2017-5180-fix2.patch
-------------------------------------------------------------------
Thu Oct 27 17:49:48 CEST 2016 - tiwai@suse.de
- Update to version 0.9.44:
* CVE-2016-7545 submitted by Aleksey Manevich
Modifications:
* removed man firejail-config
* –private-tmp whitelists /tmp/.X11-unix directory
* Nvidia drivers added to –private-dev
* /srv supported by –whitelist
New features:
* allow user access to /sys/fs (–noblacklist=/sys/fs)
* support starting/joining sandbox is a single command (–join-or-start)
* X11 detection support for –audit
* assign a name to the interface connected to the bridge (–veth-name)
* all user home directories are visible (–allusers)
* add files to sandbox container (–put)
* blocking x11 (–x11=block)
* X11 security extension (–x11=xorg)
* disable 3D hardware acceleration (–no3d)
* x11 xpra, x11 xephyr, x11 block, allusers, no3d profile commands
* move files in sandbox (–put)
* accept wildcard patterns in user name field of restricted shell login feature
New profiles:
* qpdfview, mupdf, Luminance HDR, Synfig Studio, Gimp, Inkscape
* feh, ranger, zathura, 7z, keepass, keepassx,
* claws-mail, mutt, git, emacs, vim, xpdf, VirtualBox, OpenShot
* Flowblade, Eye of GNOME (eog), Evolution
-------------------------------------------------------------------
Fri Sep 30 10:56:58 CEST 2016 - tiwai@suse.de
- Update to version 0.9.42:
Security fixes:
* –whitelist deleted files
* disable x32 ABI in seccomp
* tighten –chroot
* terminal sandbox escape
* several TOCTOU fixes
Behavior changes:
* bringing back –private-home option
* deprecated –user option, please use “sudo -u username firejail”
* allow symlinks in home directory for –whitelist option
* Firejail prompt is enabled by env variable FIREJAIL_PROMPT=”yes”
* recursive mkdir
* include /dev/snd in –private-dev
* seccomp filter update
* release archives moved to .xz format
New features:
* AppImage support (–appimage)
* AppArmor support (–apparmor)
* Ubuntu snap support (/etc/firejail/snap.profile)
* Sandbox auditing support (–audit)
* remove environment variable (–rmenv)
* noexec support (–noexec)
* clean local overlay storage directory (–overlay-clean)
* store and reuse overlay (–overlay-named)
* allow debugging inside the sandbox with gdb and strace (–allow-debuggers)
* mkfile profile command
* quiet profile command
* x11 profile command
* option to fix desktop files (firecfg –fix)
Build options:
* Busybox support (–enable-busybox-workaround)
* disable overlayfs (–disable-overlayfs)
* disable whitlisting (–disable-whitelist)
* disable global config (–disable-globalcfg)
Runtime options:
* enable/disable overlayfs (overlayfs yes/no)
* enable/disable quiet as default (quiet-by-default yes/no)
* user-defined network filter (netfilter-default)
* enable/disable whitelisting (whitelist yes/no)
* enable/disable remounting of /proc and /sys (remount-proc-sys yes/no)
* enable/disable chroot desktop features (chroot-desktop yes/no)
New/updated profiels:
* Gitter, gThumb, mpv, Franz messenger, LibreOffice
* pix, audacity, xz, xzdec, gzip, cpio, less
* Atom Beta, Atom, jitsi, eom, uudeview
* tar (gtar), unzip, unrar, file, skypeforlinux,
* inox, Slack, gnome-chess. Gajim IM client, DOSBox
- Enable apparmor support
-------------------------------------------------------------------
Wed Jun 8 15:20:43 CEST 2016 - tiwai@suse.de
- Update to version 0.9.40:
* Added firecfg utility
* New options: -nice, -cpu.print, -writable-etc, -writable-var,
-read-only
* X11 support: -x11 option (-x11=xpra, -x11=xephr)
* Filetransfer options: –ls and –get
* Added mkdir, ipc-namespace, and nosound profile commands
* added net, ip, defaultgw, ip6, mac, mtu and iprange profile
commands
* Run time config support, man firejail-config
* AppArmor fixes
* Default seccomp filter update
* Disable STUN/WebRTC in default netfilter configuration
* Lots of new profiles
-------------------------------------------------------------------
Tue May 17 17:13:03 CEST 2016 - tiwai@suse.de
- initial package: 0.9.38
