[GH-ISSUE #2017] Patch release for 0.9.52 #1359

New issue

Open

opened 2026-05-05 07:55:32 -06:00 by gitea-mirror · 5 comments

gitea-mirror commented

2026-05-05 07:55:32 -06:00

Owner

Originally created by @Fred-Barclay on GitHub (Jun 30, 2018).
Original GitHub issue: https://github.com/netblue30/firejail/issues/2017

Based on some interactions I've had with chaps elsewhere

@reinerh Can we publish a patch for 0.9.52 with the changes in etc-fixes/ or updated the version in Ubuntu 18.04 to 0.9.54?

IIRC firefox 60 shipped just about the same time as firejail 0.9.52. Since they added in a seccomp sandbox, our firefox profile didn't work with firefox 60 or higher, which we patched shortly after the release of firejail 0.9.52.
Users of Ubuntu 18.04 and any distros based on it (like the upcoming Linux Mint 19) can't apt install firejail and then sandbox firefox. Instead, they either have to manually install our 0.9.54 release or come here, download the corrected profile, and then create ~/.config/firejail/firefox.profile or edit /etc/firejail/firefox.profile directly. From what I'm hearing, a lot of folks aren't doing this and are instead giving up on firejailing firefox -- and to be fair, they should be able to use the version in the repos.

Gedit and libreoffice are broken in 0.9.52 as well, so three much-used programmes can't easily be sandboxed. Simply using the patched profiles in etc-fixes/ and publishing the patch would be enough to fix this. Alternatively 0.9.54 could be pushed to the repos, but that might be a bit more involved (I'm not sure).

Either way, could we get this fixed so that everyone using Ubuntu 18.04 and derivatives can easily integrate firejail?
Thanks!
Fred

Originally created by @Fred-Barclay on GitHub (Jun 30, 2018). Original GitHub issue: https://github.com/netblue30/firejail/issues/2017 *Based on some interactions I've had with chaps elsewhere* @reinerh Can we publish a patch for 0.9.52 with the changes in etc-fixes/ or updated the version in Ubuntu 18.04 to 0.9.54? IIRC firefox 60 shipped just about the same time as firejail 0.9.52. Since they added in a seccomp sandbox, our firefox profile didn't work with firefox 60 or higher, which we patched shortly after the release of firejail 0.9.52. Users of Ubuntu 18.04 and any distros based on it (like the upcoming Linux Mint 19) can't `apt install firejail` and then sandbox firefox. Instead, they either have to manually install our 0.9.54 release or come here, download the corrected profile, and then create ~/.config/firejail/firefox.profile or edit /etc/firejail/firefox.profile directly. From what I'm hearing, a lot of folks aren't doing this and are instead giving up on firejailing firefox -- and to be fair, they should be able to use the version in the repos. Gedit and libreoffice are broken in 0.9.52 as well, so three much-used programmes can't easily be sandboxed. Simply using the patched profiles in etc-fixes/ and publishing the patch would be enough to fix this. Alternatively 0.9.54 could be pushed to the repos, but that might be a bit more involved (I'm not sure). Either way, could we get this fixed so that everyone using Ubuntu 18.04 and derivatives can easily integrate firejail? Thanks! Fred

gitea-mirror commented

2026-05-05 07:55:35 -06:00

Author

Owner

@Vincent43 commented on GitHub (Jun 30, 2018):

AFAIK it's hard to update package in Ubuntu repos not supported by Canonical (not in main). Perhaps creating PPA would be easier to do.

@Vincent43 commented on GitHub (Jun 30, 2018): AFAIK it's hard to update package in Ubuntu repos not supported by Canonical (not in main). Perhaps creating PPA would be easier to do.

gitea-mirror commented

2026-05-05 07:55:36 -06:00

Author

Owner

@Fred-Barclay commented on GitHub (Jul 2, 2018):

@Vincent43 Maybe. The usual PPA doesn't have packages for Ubuntu 18.04 yet though (as far as I can see. There is a 0.9.54-1~0ubuntu18.04.0 version but it's tagged for artful, not bionic.)

@Fred-Barclay commented on GitHub (Jul 2, 2018): @Vincent43 Maybe. The [usual PPA](https://launchpad.net/~deki/+archive/ubuntu/firejail) doesn't have packages for Ubuntu 18.04 yet though (as far as I can see. There is a `0.9.54-1~0ubuntu18.04.0` version but it's tagged for artful, not bionic.)

gitea-mirror commented

2026-05-05 07:55:38 -06:00

Author

Owner

@reinerh commented on GitHub (Jul 8, 2018):

There is a 0.9.54-1~0ubuntu18.04.0 version but it's tagged for artful, not bionic.

Oops, looks like I confused the Ubuntu release names... I definitely intended to make it available for the LTS release (18.04, bionic). I'll upload one for 18.04 in a few minutes...

A bugfix release for .52 would also be good to get it into the official repos.
Updating to .54 would add a lot features (and regressions), not only security- or bugfixes. That makes it hard to update it.
But if we add really only minimal changes to .52 for fixing important bugs that should be possible.

@reinerh commented on GitHub (Jul 8, 2018): > There is a 0.9.54-1~0ubuntu18.04.0 version but it's tagged for artful, not bionic. Oops, looks like I confused the Ubuntu release names... I definitely intended to make it available for the LTS release (18.04, bionic). I'll upload one for 18.04 in a few minutes... A bugfix release for .52 would also be good to get it into the official repos. Updating to .54 would add a lot features (and regressions), not only security- or bugfixes. That makes it hard to update it. But if we add really only minimal changes to .52 for fixing important bugs that should be possible.

gitea-mirror commented

2026-05-05 07:55:39 -06:00

Author

Owner

@smitsohu commented on GitHub (Dec 8, 2018):

Just gave it try, I was debugging something different, and the Firefox profile looks still broken in 18.04 bionic due to seccomp and tracelog. Libreoffice similar.

I would agree with @Fred-Barclay that this could be a showstopper for less experienced users of Ubuntu or Mint. Would it be an option to take etc-fixes and do a 0.9.52 bugfix release, as suggested by @Fred-Barclay?

Maybe we could also port the changes in the Tor browser profiles (736216cacf, defb5a4891, 908736fce9, other ones?)

@smitsohu commented on GitHub (Dec 8, 2018): Just gave it try, I was debugging something different, and the Firefox profile looks still broken in 18.04 bionic due to `seccomp` and `tracelog`. Libreoffice similar. I would agree with @Fred-Barclay that this could be a showstopper for less experienced users of Ubuntu or Mint. Would it be an option to take etc-fixes and do a 0.9.52 bugfix release, as suggested by @Fred-Barclay? Maybe we could also port the changes in the Tor browser profiles (736216cacfe6a818b1ea0255f474089a8fa2f394, defb5a48918c9fda82ac9bcf5c8a301e5f60da23, 908736fce96da4c35697bb49d7039c1ee804668a, other ones?)

gitea-mirror commented

2026-05-05 07:55:40 -06:00

Author

Owner

@rusty-snake commented on GitHub (Jun 26, 2019):

Any progress on these ideas?

@rusty-snake commented on GitHub (Jun 26, 2019): Any progress on these ideas?