diff --git a/firejail-0.9.66.tar.xz b/firejail-0.9.66.tar.xz deleted file mode 100644 index 665e173..0000000 --- a/firejail-0.9.66.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:8a849ea2f3922901033a407b9498d48915260e7c3381f6cf151c51a73c952d0f -size 449992 diff --git a/firejail-0.9.66.tar.xz.asc b/firejail-0.9.66.tar.xz.asc deleted file mode 100644 index 7c8e799..0000000 --- a/firejail-0.9.66.tar.xz.asc +++ /dev/null @@ -1,11 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQEzBAABCgAdFiEE+VEWSZX1xABqc0EeLMs2rfxYSacFAmDbUqwACgkQLMs2rfxY -SaeDMQf/W9LgIG/QsVz3Xl442zT4gijZGK6llnT5Ca5eDkqLCizCPbRdDJ54eldF -kfLQiy21K7KTnrr9S5Y5UFy4452q4ewKIVe/PCfN++f38cN40tWefyBsO5hgJq6Z -t61bx54+5RxJl9qz5cm8eJFvXi1G9rkZPcVn4KBjUoY5vbyirElfHdgH6KcCPN3J -benndbPlXfzw4673P7LqNRsbri8wLsM20KoeBahIMj0SUQ6hOOTItKYxUtx19N93 -gXB/Sa9JTVGVK9PYhRZiuLeCXBe76PkNV6WJngFDQ8GyYG+AnRETBXiTzkR7Jxcn -hhoGnbOKRdIvXKcDXHdeAd2nxOJm5g== -=pisc ------END PGP SIGNATURE----- diff --git a/firejail-0.9.68.tar.xz b/firejail-0.9.68.tar.xz new file mode 100644 index 0000000..ba60bb5 --- /dev/null +++ b/firejail-0.9.68.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:a322395597d89d2e5ea21fb11cb3f2afc44b00fca5439bf44c7636c5cffa652f +size 477332 diff --git a/firejail-0.9.68.tar.xz.asc b/firejail-0.9.68.tar.xz.asc new file mode 100644 index 0000000..2ab91e4 --- /dev/null +++ b/firejail-0.9.68.tar.xz.asc @@ -0,0 +1,11 @@ +-----BEGIN PGP SIGNATURE----- + +iQEzBAABCgAdFiEE+VEWSZX1xABqc0EeLMs2rfxYSacFAmH/zu0ACgkQLMs2rfxY +Saf2WAf/UI98s9MugTAq45CIuxaqzhbbGc435Lwo2NgS2LCYKoJOmes6UdyLPUa1 +aawBImtfqTyOXWrWnKjYBl7fIVATKpP7Ddm2+y6RJ+px/4dRUWNLVqEvka5BLYNS +HrYP84a1vxqeg0LVOMcmD701mTmbT68jwpjD2Ai2ZkiRGXS5KfBWIRL+WR7PAorj +jDxqUSorEF8x316d+0doy9NyeCXS5A1aqTmjnTxZ3RBfkg+Zq33S+x+2ktepdnDH +q/Fv9W4C/GVoXBj6PKtk4JXFUJIeYUYCXE9sq2bpCEAdom5J+EpUMo+42G1/xLYL +mFP0G113+ciMoLWkjJMNQH6KbFjCsQ== +=6MJb +-----END PGP SIGNATURE----- diff --git a/firejail.changes b/firejail.changes index 55271ef..9360781 100644 --- a/firejail.changes +++ b/firejail.changes @@ -1,3 +1,71 @@ +------------------------------------------------------------------- +Sun Feb 6 21:09:00 UTC 2022 - Sebastian Wagner + +- update to firejail 0.9.68: + - security: on Ubuntu, the PPA is now recommended over the distro package + - (see README.md) (#4748) + - security: bugfix: private-cwd leaks access to the entire filesystem + - (#4780); reported by Hugo Osvaldo Barrera + - feature: remove (some) environment variables with auth-tokens (#4157) + - feature: ALLOW_TRAY condition (#4510 #4599) + - feature: add basic Firejail support to AppArmor base abstraction (#3226 + - #4628) + - feature: intrusion detection system (--ids-init, --ids-check) + - feature: deterministic shutdown command (--deterministic-exit-code, + - --deterministic-shutdown) (#928 #3042 #4635) + - feature: noprinters command (#4607 #4827) + - feature: network monitor (--nettrace) + - feature: network locker (--netlock) (#4848) + - feature: whitelist-ro profile command (#4740) + - feature: disable pipewire with --nosound (#4855) + - feature: Unset TMP if it doesn't exist inside of sandbox (#4151) + - feature: Allow apostrophe in whitelist and blacklist (#4614) + - feature: AppImage support in --build command (#4878) + - modifs: exit code: distinguish fatal signals by adding 128 (#4533) + - modifs: firecfg.config is now installed to /etc/firejail/ (#408 #4669) + - modifs: close file descriptors greater than 2 (--keep-fd) (#4845) + - modifs: nogroups now stopped causing certain system groups to be dropped, + - which are now controlled by the relevant "no" options instead (such as + - nosound -> drop audio group), which fixes device access issues on systems + - not using (e)logind (such as with seatd) (#4632 #4725 #4732 #4851) + - removal: --disable-whitelist at compile time + - removal: whitelist=yes/no in /etc/firejail/firejail.config + - bugfix: Fix sndio support (#4362 #4365) + - bugfix: Error mounting tmpfs (MS_REMOUNT flag not being cleared) (#4387) + - bugfix: --build clears the environment (#4460 #4467) + - bugfix: firejail hangs with net parameter (#3958 #4476) + - bugfix: Firejail does not work with a custom hosts file (#2758 #4560) + - bugfix: --tracelog and --trace override /etc/ld.so.preload (#4558 #4586) + - bugfix: PATH_MAX is undeclared on musl libc (#4578 #4579 #4583 #4606) + - bugfix: firejail symlinks are not skipped with private-bin + globs (#4626) + - bugfix: Firejail rejects empty arguments (#4395) + - bugfix: firecfg does not work with symlinks (discord.desktop) (#4235) + - bugfix: Seccomp list output goes to stdout instead of stderr (#4328) + - bugfix: private-etc does not work with symlinks (#4887) + - bugfix: Hardware key not detected on keepassxc (#4883) + - build: allow building with address sanitizer (#4594) + - build: Stop linking pthread (#4695) + - build: Configure cleanup and improvements (#4712) + - ci: add profile checks for sorting disable-programs.inc and + - firecfg.config and for the required arguments in private-etc (#2739 #4643) + - ci: pin GitHub actions to SHAs and use Dependabot to update them (#4774) + - docs: Add new command checklist to CONTRIBUTING.md (#4413) + - docs: Rework bug report issue template and add both a question and a + - feature request template (#4479 #4515 #4561) + - docs: fix contradictory descriptions of machine-id ("preserves" vs + - "spoofs") (#4689) + - docs: Document that private-bin and private-etc always accumulate (#4078) + - new includes: whitelist-run-common.inc (#4288), disable-X11.inc (#4462) + - new includes: disable-proc.inc (#4521) + - removed includes: disable-passwordmgr.inc (#4454 #4461) + - new profiles: microsoft-edge-beta, clion-eap, lifeograph, zim + - new profiles: io.github.lainsce.Notejot, rednotebook, gallery-dl + - new profiles: yt-dlp, goldendict, goldendict, bundle, cmake + - new profiles: make, meson, pip, codium, telnet, ftp, OpenStego + - new profiles: imv, retroarch, torbrowser, CachyBrowser, + - new profiles: notable, RPCS3, wget2, raincat, conitop, 1passwd, + - new profiles: Seafile, neovim, com.github.tchx84.Flatseal + ------------------------------------------------------------------- Sun Jul 18 16:45:49 UTC 2021 - Andreas Stieger diff --git a/firejail.spec b/firejail.spec index eeb6099..49e2945 100644 --- a/firejail.spec +++ b/firejail.spec @@ -1,7 +1,7 @@ # # spec file for package firejail # -# Copyright (c) 2021 SUSE LLC +# Copyright (c) 2022 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,7 +17,7 @@ Name: firejail -Version: 0.9.66 +Version: 0.9.68 Release: 0 Summary: Linux namepaces sandbox program License: GPL-2.0-only @@ -120,5 +120,6 @@ rm %{buildroot}%{_docdir}/firejail/COPYING %dir %{_datarootdir}/zsh %dir %{_datarootdir}/zsh/site-functions/ %{_datadir}/zsh/site-functions/_firejail +/etc/apparmor.d/abstractions/base.d/firejail-base %changelog