Skip to content

Releases: seccomp/libseccomp-golang

libseccomp-golang v0.10.0

09 Jun 20:34
@kolyshkin kolyshkin
v0.10.0
This tag was signed with the committer’s verified signature.
kolyshkin Kir Kolyshkin
GPG key ID: 17DE5ECB75A1100E
Learn about vigilant mode.
879684a
Compare
Choose a tag to compare
libseccomp-golang v0.10.0 Latest
Latest

Changelog

  • Minimum supported version of libseccomp bumped to v2.3.1
  • Add seccomp userspace notification API (ActNotify, filter.*Notif*)
  • Add filter.{Get,Set}SSB (to support SCMP_FLTATR_CTL_SSB)
  • Add filter.{Get,Set}Optimize (to support SCMP_FLTATR_CTL_OPTIMIZE)
  • Add filter.{Get,Set}RawRC (to support SCMP_FLTATR_API_SYSRAWRC)
  • Add ArchPARISC, ArchPARISC64, ArchRISCV64
  • Add ActKillProcess and ActKillThread; deprecate ActKill
  • Add go module support
  • Return ErrSyscallDoesNotExist when unable to resolve a syscall
  • Fix some functions to check for both kernel level API and libseccomp version
  • Fix MakeCondition to use sanitizeCompareOp
  • Fix AddRule to handle EACCES (from libseccomp >= 2.5.0)
  • Updated the main docs and converted to README.md
  • Added CONTRIBUTING.md, SECURITY.md, and administrative docs under doc/admin
  • Add GitHub action CI, enable more linters
  • test: test against various libseccomp versions
  • test: fix and simplify execInSubprocess
  • test: fix APILevelIsSupported
  • Refactor the Errno(-1 * retCode) pattern
  • Refactor/unify libseccomp version / API level checks
  • Code cleanups (linter, formatting, spelling fixes)
  • Cleanup: use errors.New instead of fmt.Errorf where appropriate
  • Cleanup: remove duplicated cgo stuff, redundant linux build tag

Full Changelog: v0.9.1...v0.10.0

Assets 2
Loading

v0.9.1

22 May 14:58
@mheon mheon
v0.9.1
This tag was signed with the committer’s verified signature. The key has expired.
mheon Matt Heon
GPG key ID: 5A0F5FA1CEF5C874
Expired
Learn about vigilant mode.
689e3c1
Compare
Choose a tag to compare
v0.9.1

This release is no longer supported upstream, please use a more recent release.

Changelog

  • Minimum supported version of libseccomp bumped to v2.2.0
  • Use Libseccomp's seccomp_version API to retrieve library version
  • Unconditionally set TSync attribute for filters, due to Go's heavily threaded nature
  • Fix CVE-2017-18367 - Multiple syscall arguments were incorrectly combined with logical-OR, instead of logical-AND
  • Fix a failure to build on Debian-based distributions due to CGo code
  • Fix unit test failures on 32-bit architectures
  • Improve several errors to be more verbose about their causes
  • Add support for SCMP_ACT_LOG (with libseccomp versions 2.4.x and higher), permitting syscalls but logging their execution
  • Add support for SCMP_FLTATR_CTL_LOG (with libseccomp versions 2.4.x and higher), logging not-allowed actions when they are denied
Assets 2
Loading

libseccomp-golang v0.9.0

05 Jan 21:54
@pcmoore pcmoore
v0.9.0
e3496e3
Compare
Choose a tag to compare
libseccomp-golang v0.9.0

This release is no longer supported upstream, please use a more recent release.

NOTE: This API in this release should not be considered final, while major changes are unlikely, there may be subtle changes to the API/behavior prior to the v1.0.0 release.

ChangeLog

  • Version 0.9.0 - January 5, 2017
    • Initial tagged release
Assets 2
Loading