Tags give the ability to mark specific points in history as being important
  • debian/0.9.52-3parrot1
    Debian release 0.9.52-3parrot1
  • debian/0.9.52-2parrot3
    Debian release 0.9.52-2parrot3
  • debian/0.9.52-2parrot2
    Debian release 0.9.52-2parrot2
  • debian/0.9.52-2parrot1
    Debian release 0.9.52-2parrot1
  • debian/0.9.52-2parrot0
    Debian release 0.9.52-2parrot0
  • debian/0.9.52-1parrot0
    Debian release 0.9.52-1parrot0
  • debian/0.9.52-1
    Debian release 0.9.52-1
  • upstream/0.9.52
    Upstream version 0.9.52
  • debian/0.9.50-3parrot5
    Debian release 0.9.50-3parrot5
  • debian/0.9.50-3parrot4
    Debian release 0.9.50-3parrot4
  • debian/0.9.50-3parrot3
    Debian release 0.9.50-3parrot3
  • debian/0.9.50-3parrot1
    Debian release 0.9.50-3parrot1
  • debian/0.9.50-3parrot0
    Debian release 0.9.50-3parrot0
  • upstream/0.9.50
    Upstream version 0.9.50
  • 0.9.50
    9163f272 · rpm package ·
    Version 0.9.50
    
      * modif: --output split in two commands, --output and --output-stderr
      * feature: per-profile disable-mnt (--disable-mnt)
      * feature: per-profile support to set X11 Xephyr screen size (--xephyr-screen)
      * feature: private /lib directory (--private-lib)
      * feature: disable CDROM/DVD drive (--nodvd)
      * feature: disable DVB devices (--notv)
      * feature: --profile.print
      * enhancement: print all seccomp filters under --debug
      * enhancement: /proc/sys mounting
      * enhancement: rework IP address assingment for --net options
      * enhancement: support for newer Xpra versions (2.1+) -
         set xpra-attach yes in /etc/firejail/firejail.config
      * enhancement: all profiles use a standard layout style
      * enhancement: create /usr/local for firecfg if the directory doesn't exist
      * enhancement: allow full paths in --private-bin
      * seccomp feature: --memory-deny-write-execute
      * seccomp feature: seccomp post-exec
      * seccomp feature: block secondary architecture (--seccomp.block_secondary)
      * seccomp feature: seccomp syscall groups
      * seccomp enhancement: print all seccomp filters under --debug
      * seccomp enhancement: default seccomp list update
      * new profiles: curl, mplayer2, SMPlayer, Calibre, ebook-viewer, KWrite,
      * new profiles: Geary, Liferea, peek, silentarmy, IntelliJ IDEA,
      * new profiles: Android Studio, electron, riot-web, Extreme Tux Racer,
      * new profiles: Frozen Bubble, Open Invaders, Pingus, Simutrans, SuperTux
      * new profiles: telegram-desktop, arm, rambox, apktool, baobab, dex2jar, gitg,
      * new profiles: hashcat, obs, picard, remmina, sdat2img, soundconverter
      * new profiles: truecraft, gnome-twitch, tuxguitar, musescore, neverball
      * new profiles: sqlitebrowse, Yandex Browser, minetest
      * bugfixes
  • 0.9.50-rc1
    20d14f69 · fix release notes ·
    Version 0.9.50~rc1
      * modif: --output split in two commands, --output and --output-stderr
      * feature: per-profile disable-mnt (--disable-mnt)
      * feature: per-profile support to set X11 Xephyr screen size (--xephyr-screen)
      * feature: private /lib directory (--private-lib)
      * feature: disable CDROM/DVD drive (--nodvd)
      * feature: disable DVB devices (--notv)
      * enhancement: print all seccomp filters under --debug
      * enhancement: /proc/sys mounting
      * enhancement: rework IP address assingment for --net options
      * enhancement: support for newer Xpra versions (2.1+) -
         set xpra-attach yes in /etc/firejail/firejail.config
      * enhancement: all profiles use a standard layout style
      * enhancement: create /usr/local for firecfg if the directory doesn't exist
      * enhancement: allow full paths in --private-bin
      * seccomp feature: --memory-deny-write-execute
      * seccomp feature: seccomp post-exec
      * seccomp feature: block secondary architecture (--seccomp.block_secondary)
      * seccomp feature: seccomp syscall groups
      * seccomp enhancement: print all seccomp filters under --debug
      * seccomp enhancement: default seccomp list update
      * new profiles: curl, mplayer2, SMPlayer, Calibre, ebook-viewer, KWrite,
      * new profiles: Geary, Liferea, peek, silentarmy, IntelliJ IDEA,
      * new profiles: Android Studio, electron, riot-web, Extreme Tux Racer,
      * new profiles: Frozen Bubble, Open Invaders, Pingus, Simutrans, SuperTux
      * new profiles: telegram-desktop, arm, rambox, apktool, baobab, dex2jar, gitg,
      * new profiles: hashcat, obs, picard, remmina, sdat2img, soundconverter
      * new profiles: truecraft, gnome-twitch, tuxguitar, musescore, neverball
      * new profiles: sqlitebrowse,
      * bugfixes
  • 0.9.48
    145e2603 · 0.9.48 testing ·
    Version 0.9.48
    
      * modifs: whitelisted Transmission, Deluge, qBitTorrent, KTorrent;
        please use ~/Downloads directory for saving files
      * modifs: AppArmor made optional; a warning is printed on the screen
        if the sandbox fails to load the AppArmor profile
      * feature: --novideo
      * feature: drop discretionary access control capabilities for
        root sandboxes
      * feature: added /etc/firejail/globals.local for global customizations
      * feature: profile support in overlayfs mode
      * new profiles: vym, darktable, Waterfox, digiKam, Catfish, HandBrake
      * bugfixes
  • 0.9.46
    f66ee476 · 0.9.46 testing ·
    Version 0.9.46
    
      * security: split most of networking code in a separate executable
      * security: split seccomp filter code configuration in a separate executable
      * security: split file copying in private option in a separate executable
      * feature: disable gnupg and systemd directories under /run/user
      * feature: test coverage (gcov) support
      * feature: allow root user access to /dev/shm (--noblacklist=/dev/shm)
      * feature: private /opt directory (--private-opt, profile support)
      * feature: private /srv directory (--private-srv, profile support)
      * feature: spoof machine-id (--machine-id, profile support)
      * feature: allow blacklists under --private (--allow-private-blacklist,
        profile support)
      * feature: user-defined /etc/hosts file (--hosts-file, profile support)
      * feature: support for the real /var/log directory (--writable-var-log,
        profile support)
      * feature: config support for firejail prompt in terminals
      * feature: AppImage type 2 support
      * feature: pass command line arguments to appimages
      * feature: allow non-seccomp setup for OverlayFS sandboxes - more work to come
      * feature: added a number of Python scripts for handling sandboxes
      * feature: allow local customization using .local files under /etc/firejail
      * feature: follow-symlink-as-user runtime config option in
        /etc/firejail/firejail.config
      * feature: follow-symlink-private-bin option in /etc/firejail/firejail.config
      * feature: xvfb X11 server support (--x11=xvfb)
      * feature: allow /tmp directory in mkdir and mkfile profile commands
      * feature: implemented --noblacklist command, profile support
      * feature: config support to disable access to /mnt and /media (disable-mnt)
      * feature: config support to disable join (join)
      * feature: disabled Go, Rust, and OpenSSL in disable-devel.conf
      * feature: support overlay, overlay-named and overlay-tmpfs in profile files
      * feature: allow PulseAudio sockets in --private-tmp
      * feature: --fix-sound support in firecfg
      * feature: added support for sandboxing Xpra, Xvfb and Xephyr in
        independent sandboxes when started with firejail --x11
      * feature: enable automatic X server sandboxing for --x11=xpra
        and --x11=xephyr
      * feature: support for Xpra extra params in firejail config file
      * new profiles: xiphos, Tor Browser Bundle, display (imagemagick), Wire,
      * new profiles: mumble, zoom, Guayadeque, qemu, keypass2, xed, pluma,
      * new profiles: Cryptocat, Bless, Gnome 2048, Gnome Calculator,
      * new profiles: Gnome Contacts, JD-GUI, Lollypop, MultiMC5, PDFSam, Pithos,
      * new profiles: Xonotic, wireshark, keepassx2, QupZilla, FossaMail,
      * new profiles: Uzbl browser, iridium browser, Thunar, Geeqie, Engrampa,
      * new profiles: Scribus, mousepad, gpicview, keepassxc, cvlc, MediathekView,
      * new profiles: baloo_file, Nylas, dino, BibleTime, viewnior, Kodi, viking,
      * new profiles: youtube-dl, meld, Arduino, Akregator, KCalc, KTorrent,
      * new profiles: Orage Globaltime, Orage Clendar, xfce4-notes, xfce4-dict,
      * new profiles: Ristretto, PCManFM, Dia, FontForge, Geany, Hugin,
      * new profiles: mate-calc, mate-dictionary, mate-color-select, caja,
      * new profiles: galculator, Nemo, gnome-font-viewer, gucharmap, knotes
      * new profiles: clipit, leafpad, lximage-qt, lxmusic, qlipper, Xvfb, Xephyr
      * new profiles: Blender, 2048-qt
      * bugfixes
  • 0.9.46-rc1
    4f4fbc6f · 0.9.44~rc1 testing ·
    Version 0.9.46~rc1
      * development version, work in progress
      * security: split most of networking code in a separate executable
      * security: split seccomp filter code configuration in a separate executable
      * security: split file copying in private option in a separate executable
      * feature: disable gnupg and systemd directories under /run/user
      * feature: test coverage (gcov) support
      * feature: allow root user access to /dev/shm (--noblacklist=/dev/shm)
      * feature: private /opt directory (--private-opt, profile support)
      * feature: private /srv directory (--private-srv, profile support)
      * feature: spoof machine-id (--machine-id, profile support)
      * feature: allow blacklists under --private (--allow-private-blacklist,
        profile support)
      * feature: user-defined /etc/hosts file (--hosts-file, profile support)
      * feature: support for the real /var/log directory (--writable-var-log,
        profile support)
      * feature: config support for firejail prompt in terminals
      * feature: AppImage type 2 support
      * feature: pass command line arguments to appimages
      * feature: allow non-seccomp setup for OverlayFS sandboxes - more work to come
      * feature: added a number of Python scripts for handling sandboxes
      * feature: allow local customization using .local files under /etc/firejail
      * feature: follow-symlink-as-user runtime config option in
        /etc/firejail/firejail.config
      * feature: follow-symlink-private-bin option in /etc/firejail/firejail.config
      * feature: xvfb X11 server support (--x11=xvfb)
      * feature: allow /tmp directory in mkdir and mkfile profile commands
      * feature: implemented --noblacklist command, profile support
      * feature: config support to disable access to /mnt and /media (disable-mnt)
      * feature: config support to disable join (join)
      * feature: disabled Go, Rust, and OpenSSL in disable-devel.conf
      * new profiles: xiphos, Tor Browser Bundle, display (imagemagik), Wire,
      * new profiles: mumble, zoom, Guayadeque, qemu, keypass2, xed, pluma,
      * new profiles: Cryptocat, Bless, Gnome 2048, Gnome Calculator,
      * new profiles: Gnome Contacts, JD-GUI, Lollypop, MultiMC5, PDFSam, Pithos,
      * new profies: Xonotic, wireshark, keepassx2, QupZilla, FossaMail,
      * new profiles: Uzbl browser, iridium browser, Thunar, Geeqie, Engrampa
      * new profiles: Scribus, mousepad, gpicview, keepassxc, cvlc, MediathekView
      * bugfixes
  • 0.9.44.10
    fc87f217 · 0.9.44.10 testing ·
    Version 0.9.44.10
      * security: when using --x11=xorg and --net, incorrect processing of
        the return code of /usr/bin/xauth could end up in starting the
        sandbox without X11 security extension installed. Problem found/fixed
        by Zack Weinberg
      * bugfix: ~/.pki directory whitelisted and later blacklisted. This affects
        most browsers, and disables the custom certificates installed by the user
      * bugfix: firecfg config fix
      * bugfix: gajim security profile fix
      * bugfix: man page fix
      * bugfix: force-nonewprivs fix for /etc/firejail/firejail.config
      * bugfix: xephyr-extra-params fix for /etc/firejail/firejail.config
      * bugfix: memory corruption in noblacklist processing
      * bugfix: --quiet fix for Arch and Fedora systems
      * bugfix: updated Keepass(x) profiles
      * bugfix: firemon --nowrap problem
      * bugfix: document firemon --nowrap in man page and in --help option
      * bugfix: bash completion for --noblacklist command
      * bugfix: vlc profile fix
      * bugfix: fixed handling of .local profile files when the software is
        installed in ~/.local directory
      * bugfix: temporarily remove private-tmp from all profiles, until a fix for
        .Xauthority file handling in KDE becomes available
      * maintenance: --output cleanup
      * maintenance: updated copyright statement in all files