Commit Graph

  • 68d6fd1be5 Accepting request 556579 from home:avindra Takashi Iwai 2017-12-14 10:26:35 +00:00
  • 560c26e888 Accepting request 556579 from home:avindra Takashi Iwai 2017-12-14 10:26:35 +00:00
  • c320ca99e4 Accepting request 522777 from home:avindra Takashi Iwai 2017-09-13 09:08:57 +00:00
  • 1cc385c1d0 Accepting request 522777 from home:avindra Takashi Iwai 2017-09-13 09:08:57 +00:00
  • a872b3d7c4 Accepting request 517016 from home:tiwai:branches:Virtualization Takashi Iwai 2017-08-15 14:51:08 +00:00
  • 5a98d391ff Accepting request 517016 from home:tiwai:branches:Virtualization Takashi Iwai 2017-08-15 14:51:08 +00:00
  • f1a8cd5699 - Update to version 0.9.44.4: * --bandwidth root shell found by Martin Carpenter (CVE-2017-5207) * disabled --allow-debuggers when running on kernel versions prior to 4.8; a kernel bug in ptrace system call allows a full bypass of seccomp filter; problem reported by Lizzie Dixon (CVE-2017-5206) * root exploit found by Sebastian Krahmer (CVE-2017-5180) - Update to version 0.9.44.6: * new fix for CVE-2017-5180 reported by Sebastian Krahmer last week * major cleanup of file copying code * tightening the rules for --chroot and --overlay features * ported Gentoo compile patch * Nvidia drivers bug in --private-dev * fix ASSERT_PERMS_FD macro * allow local customization using .local files under /etc/firejail backported from our development branch * spoof machine-id backported from our development branch - Remove obsoleted patches: firejail-CVE-2017-5180-fix1.patch firejail-CVE-2017-5180-fix2.patch Takashi Iwai 2017-01-16 15:36:03 +00:00
  • 6241dc65fa - Update to version 0.9.44.4: * --bandwidth root shell found by Martin Carpenter (CVE-2017-5207) * disabled --allow-debuggers when running on kernel versions prior to 4.8; a kernel bug in ptrace system call allows a full bypass of seccomp filter; problem reported by Lizzie Dixon (CVE-2017-5206) * root exploit found by Sebastian Krahmer (CVE-2017-5180) - Update to version 0.9.44.6: * new fix for CVE-2017-5180 reported by Sebastian Krahmer last week * major cleanup of file copying code * tightening the rules for --chroot and --overlay features * ported Gentoo compile patch * Nvidia drivers bug in --private-dev * fix ASSERT_PERMS_FD macro * allow local customization using .local files under /etc/firejail backported from our development branch * spoof machine-id backported from our development branch - Remove obsoleted patches: firejail-CVE-2017-5180-fix1.patch firejail-CVE-2017-5180-fix2.patch Takashi Iwai 2017-01-16 15:36:03 +00:00
  • 7a7ff5e7fe Accepting request 448835 from home:tiwai:branches:Virtualization Ismail Dönmez 2017-01-07 09:27:56 +00:00
  • 277d3c0b2f Accepting request 448835 from home:tiwai:branches:Virtualization Ismail Dönmez 2017-01-07 09:27:56 +00:00
  • c5bd94cd19 Accepting request 437560 from home:tiwai:branches:Virtualization Ismail Dönmez 2016-11-03 08:20:46 +00:00
  • 504b909263 Accepting request 437560 from home:tiwai:branches:Virtualization Ismail Dönmez 2016-11-03 08:20:46 +00:00
  • 555d6e90b4 Accepting request 431498 from home:tiwai:branches:Virtualization Olaf Hering 2016-10-13 08:58:49 +00:00
  • f236458a58 Accepting request 431498 from home:tiwai:branches:Virtualization Olaf Hering 2016-10-13 08:58:49 +00:00
  • c0b4cdac0f Accepting request 400690 from home:tiwai:branches:Virtualization Ismail Dönmez 2016-06-08 17:13:02 +00:00
  • c8988d5b68 Accepting request 400690 from home:tiwai:branches:Virtualization Ismail Dönmez 2016-06-08 17:13:02 +00:00
  • 755e067884 Accepting request 397032 from home:tiwai:firejail Dirk Mueller 2016-05-24 05:12:25 +00:00
  • f1471a4ce3 Accepting request 397032 from home:tiwai:firejail Dirk Mueller 2016-05-24 05:12:25 +00:00