dd8761415a
- Update to version v0.10.0: * New features: Add the --[ro-]bind-fd option, which can be used to mount a filesystem represented by a file descriptor without time-of-check/time-of-use attacks. This is needed when resolving CVE-2024-42472 in Flatpak. * Other changes: Fix some confusing syntax in SetupOpFlag (no functional change).
Sebastian Wagner2024-08-14 18:42:56 +00:00
341d1d8c7a
Accepting request 1164156 from Virtualization:containers
Ana Guerrero2024-04-03 15:18:15 +00:00
7cfecc3aa1
Accepting request 1164131 from home:wfrisch:branches:Virtualization:containers
Sebastian Wagner2024-04-02 15:17:40 +00:00
39e3ce8e70
- Update to 0.6.1: - Add a release checklist - completions: Make zsh completion non-executable The Autotools build system installed it with 0644 permissions because it's listed as DATA, but the Meson build system installs executable files as executable by default. zsh completions don't need to be executable to work, and this one doesn't have the #! marker that should start an executable script. - update to 0.6.0: - meson: Improve compatibility with Meson 0.49 That version doesn't allow more than two arguments for define_variable. - Disable test-specifying-pidns.sh under 'meson dist' while I investigate This test is hanging when run under 'meson dist' for some reason, but not when run under 'meson test', and not locally, only in the Github Workflow-based CI. Disable it for now. - meson: Actually build and run the tests - tests: Fix compiler warnings for unused arguments - meson: Run test scripts from $srcdir - meson: Make G_TEST_SRCDIR, G_TEST_BUILDDIR match Autotools - meson: Run the Python test script with Python, not bash The python build option can be used to swap to a different interpreter, for environments like the Steam Runtime where the python3 executable in the PATH is extremely old but there is a better interpreter available. This is treated as non-optional, because Meson is written in Python, so the situation where there is no Python interpreter at build-time shouldn't arise. - meson: Build the try-syscall helper - meson: Build tests with equivalent of -I$(top_srcdir) -I$(top_builddir) - meson.build: Remove unnecessary check for sh - Add a Meson build system
Sebastian Wagner2022-03-04 18:14:21 +00:00
2e2a301aac
- Update to version 0.4.1: * retcode: fix return code with syncfd and no event_fd * Ensure we're always clearing the cap bounding set * tests: Update output patterns for libcap >= 2.29 * Don't rely on geteuid() to know when to switch back from setuid root * Don't support --userns2 in setuid mode * fixes CVE-2020-5291 * fixes bsc#1168291
Sebastian Wagner2020-04-01 10:06:19 +00:00
d21e4dbb5a
- Update to version 0.3.3: - This release is the same as 0.3.2 but the version number in configure.ac was accidentally still set to 0.3.1 - Update to version 0.3.2: - fixes boo#1136958 / CVE-2019-12439 This release fixes a mostly theoretical security issue in unusual/broken setups where $XDG_RUNTIME_DIR is unset. There are some other smaller fixes, as well as an addition to the JSON API that allows reading the inner process exit code, separately from the bwrap exit code. - Print "Out of memory" on stderr, not stdout - bwrap: add option json-status-fd to show child exit code - bwrap: Report COMMAND exit code in json-status-fd - man page: Describe --chdir, not nonexistent --cwd - Don't create our own temporary mount point for pivot_root - Make lockdata long enough on 32-bit with 64-bit file pointers.
Sebastian Wagner2019-06-01 15:13:15 +00:00
b197979c9f
- update to version 0.2.1: * All the demos are included * bugfixes for the demo files * There was an issue with mkdir when running bubblewrap on an NFS filesystem that has been fixed, so flatpak now works on NFS shares. * Some leaks have been fixed, including a file descriptor leak.
Sebastian Wagner2018-05-02 06:08:03 +00:00
0715b8b46c
- update to version 0.1.8 - New --die-with-parent which is based on the Linux prctl(PR_SET_PDEATHSIG) API. - smaller bugfixes
Sebastian Wagner2017-05-25 21:21:41 +00:00
Ana Guerrero
Sebastian Wagner
Dominique Leuenberger
Aleksa Sarai
Miquel Sabate Sola