Releases: containers/bubblewrap

Release 0.11.2

23 Apr 08:24
v0.11.2

This is a security update for CVE-2026-41163, which affects any system running a setuid bubblewrap 0.11.x binary. Anyone using setuid bubblewrap should update to this release (or stop using setuid mode).

This release deprecates the support for setuid bubblewrap, and later versions of bubblewrap will no longer support it.

Bug fixes:

  • In setuid mode, don't run the low-privileged parts of the setup
    as dumpable, since a dumpable process can be ptraced, which can lead
    to problems. This is CVE-2026-41163, and was reported by François Diakhate.

Enhancements:

  • New build option -Dsupport_setuid, which if set to false (which
    is the default) disables the support for setuid. Binaries built
    with this will refuse to run if made setuid. We recommend building
    normal bubblewrap binaries like this, which allows you to safely
    ignore any security issues that only affect setuid mode.
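A small triage helper for the advisory above, added here as a constructed example rather than anything shipped by bubblewrap. It combines the two conditions the notes give (a 0.11.x release before 0.11.2, installed setuid) into one verdict; the version string is passed in explicitly, and the `bubblewrap X.Y.Z` format of `bwrap --version` output is an assumption.

```sh
#!/bin/sh
# Constructed example, not part of bubblewrap. Per the 0.11.2 release notes,
# CVE-2026-41163 only matters when a 0.11.x bwrap older than 0.11.2 is
# installed setuid, so the verdict combines the set-user-ID bit on the file
# with the version string. The version is passed in as an argument so the
# function can be exercised without a real bwrap binary on the host.

# Returns 0 if the file at $1 has the set-user-ID bit.
is_setuid() {
  [ -u "$1" ]
}

# Returns 0 if $1 names a 0.11.x release that predates the fix.
# Accepts either "bubblewrap 0.11.1" (assumed --version format) or "0.11.1".
is_vulnerable_version() {
  case "${1#bubblewrap }" in
    0.11.0|0.11.1) return 0 ;;
    *) return 1 ;;
  esac
}

# Prints one word describing the exposure of binary $1 at version $2:
#   affected            setuid and 0.11.0/0.11.1: update, or drop setuid
#   not-setuid          the setuid-only code path cannot be reached
#   unaffected-version  setuid, but 0.11.2+ or a release outside 0.11.x
cve_2026_41163_status() {
  if ! is_setuid "$1"; then
    echo not-setuid
  elif is_vulnerable_version "$2"; then
    echo affected
  else
    echo unaffected-version
  fi
}

# Usage on a real host:
#   bwrap=$(command -v bwrap)
#   cve_2026_41163_status "$bwrap" "$(bwrap --version)"
```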

0.11.1

21 Mar 18:09

Bug fixes:

  • Reset disposition of SIGCHLD, restoring normal subprocess management if bwrap was run from a process that was ignoring that signal, such as Erlang or volumeicon (#705, Joel Pelaez Jorge)

  • Don't ignore --userns 0, --userns2 0 or --pidns 0 if used (#731, Daniel Cazares). Note that using a fd number ≥ 3 for these purposes is still preferred, to avoid confusion with the stdin, stdout, stderr that will be inherited by the command inside the container.

  • Fix grammar in an error message (#694, J. Neuschäfer)

  • Fix a broken link in the documentation (#729, Aaron Brooks)

Internal changes:

  • Enable user namespaces in Github Actions configuration, fixing a CI regression with newer Ubuntu (#728, Joel Pelaez Jorge)

  • Clarify comments (#737, Simon McVittie)

c1b7455a1283b1295879a46d5f001dfd088c0bb0f238abb5e128b3583a246f71 *bubblewrap-0.11.1.tar.xz

0.11.0

30 Oct 16:28

Released: 2024-10-30

Dependencies:

  • Remove the Autotools build system. Meson ≥ 0.49.0 is now required at build-time. (#625, @WhyNotHugo)

  • For users of bash-completion, bash-completion ≥ 2.10 is recommended. With older bash-completion, bubblewrap might install completions outside its ${prefix} unless overridden with -Dbash_completion_dir=….

Enhancements:

  • New --overlay, --tmp-overlay, --ro-overlay and --overlay-src options allow creation of overlay mounts. This feature is not available when bubblewrap is installed setuid. (#412, #663; @rhendric, @wmanley, @smcv)

  • New --level-prefix option produces output that can be parsed by tools like logger --prio-prefix and systemd-cat --level-prefix=1 (#646, @smcv)

Bug fixes:

  • Handle EINTR when doing I/O on files or sockets (#657, @smcv)

  • Don't make assumptions about alignment of socket control message data (#637, @smcv)

  • Silence some Meson deprecation warnings (#647, @sertonix)

  • Update URLs in documentation to https (#566, @TotalCaesar659)

  • Improve tests' compatibility with busybox (#627, @sertonix)

  • Improve compatibility with Meson < 1.3.0 (#664, @smcv)

Internal changes:

  • Consistently use <stdbool.h> for booleans (#660, @smcv)

  • Avoid -Wshadow compiler warnings (#661, @smcv)

  • Update Github Actions configuration (#658, @smcv)

988fd6b232dafa04b8b8198723efeaccdb3c6aa9c1c7936219d5791a8b7a8646 *bubblewrap-0.11.0.tar.xz

0.10.0

14 Aug 15:48

New features:

  • Add the --[ro-]bind-fd option, which can be used to mount a filesystem represented by a file descriptor without time-of-check/time-of-use attacks. This is needed when resolving CVE-2024-42472 (GHSA-7hgv-f2j8-xw87) in Flatpak.

Other changes:

  • Fix some confusing syntax in SetupOpFlag (no functional change). (#636)

0.6.3

14 Aug 15:47

This release is intended to be used as part of Flatpak 1.14.x. If possible, please upgrade to 0.10.0 or later instead.

  • Backport the --[ro-]bind-fd option from 0.10.0. This can be used to mount a filesystem represented by a file descriptor without time-of-check/time-of-use attacks, and is needed when resolving CVE-2024-42472 (GHSA-7hgv-f2j8-xw87) in Flatpak.

d8cab8943a36cd1bc1b8c63596c6ef6b29b12883d90ed9b14a969795ac60ddef  bubblewrap-0.6.3.tar.xz

0.9.0

26 Mar 21:50

Build system

  • Building this version of bubblewrap with Meson is recommended. The source release bubblewrap-0.9.0.tar.xz no longer contains Autotools-generated files, although this version can still be built using Autotools after running ./autogen.sh. Future versions are likely to remove the Autotools build system altogether.

New features

  • Add --argv0 (#91)

Bug fixes

  • Fix a double-close on error reading from --args, --seccomp or --add-seccomp-fd argument (#558)
  • Improve memory allocation behaviour (#556, #624)
  • Silence various compiler warnings (#559)
  • Silence an Automake warning (#622)
  • Fix a test failure when running as uid 0 in a container (#488)
  • Fix a test failure when /mnt is a symlink (#599)
  • Fix a test failure on NixOS (#603)

c6347eaced49ac0141996f46bba3b089e5e6ea4408bc1c43bab9f2d05dd094e1 *bubblewrap-0.9.0.tar.xz

0.8.0

27 Feb 13:44

New features:

  • Add --disable-userns option to prevent the sandbox from creating its own nested user namespace (#488)
  • Add --assert-userns-disabled option to check that an existing userns was created with --disable-userns (#488)
  • Give a clearer error message if the kernel doesn't have CONFIG_SECCOMP and CONFIG_SECCOMP_FILTER (#550)

Bug fixes:

  • Fix test failure with recent versions of capsh (#544)
  • Fix test failure since 0.7.0 when not using post-2013 GNU coreutils (#539)
  • Fix test failure since 0.7.0 if bubblewrap is setuid (#539)

Known issues:

  • Tests fail if run as root (#554)

$ sha256sum -b bubblewrap-0.8.0.tar.xz
957ad1149db9033db88e988b12bcebe349a445e1efc8a9b59ad2939a113d333a *bubblewrap-0.8.0.tar.xz

v0.7.0

07 Nov 18:10

New features:

  • --size option controls the size of a subsequent --tmpfs (#509)
  • Better error messages if a mount operation fails (#472)
  • Better error message if creating the new user namespace fails with ENOSPC (#487)
  • When building as a Meson subproject, a RUNPATH can be set on the executable to make it easier to bundle its libcap dependency

Bug fixes:

  • When building with Autotools, ensure initial setup for pkg-config is not disabled by --with-bash-completion-dir=PATH (#316, #342, #441)
  • Fix test failures when running as uid 0 but with limited capabilities (#510)
  • Use POSIX command -v in preference to non-standard which (#527)
  • Fix a copy/paste error in --help (#531)

$ sha256sum -b bubblewrap-0.7.0.tar.xz
764ab7100bd037ea53d440d362e099d7a425966bc62d1f00ab26b8fbb882a9dc *bubblewrap-0.7.0.tar.xz

0.6.2

11 May 14:27

New features in Meson build:

  • Auto-detect whether the man page can be generated
  • -Dbwrapdir=... changes the installation directory (useful when being used as a subproject)
  • -Dtests=false disables unit tests

Bug fixes:

  • Add --add-seccomp-fd to shell completions
  • Document --add-seccomp-fd, --json-status-fd and --share-net in the man page
  • Add attributes to silence various compiler warnings
  • Allow compilation of tests with musl on mips architectures
  • Allow compilation with older glibc
  • Disable sanitizers for a test helper whose seccomp profile breaks the instrumentation
  • Disable AddressSanitizer leak detection where it interferes with unit testing

$ sha256sum -b bubblewrap-0.6.2.tar.xz
8a0ec802d1b3e956c5bb0a40a81c9ce0b055a31bf30a8efa547433603b8af20b *bubblewrap-0.6.2.tar.xz

0.6.1

25 Feb 17:53

  • Fix bwrap --version when built with Meson (#477)
  • Don't install zsh completion as executable when built with Meson

$ sha256sum -b bubblewrap-0.6.1.tar.xz
9609c7dc162bc68abc29abfab566934fdca37520a15ed01b675adcf3a4303282 *bubblewrap-0.6.1.tar.xz