liberte/doc/changelog.txt

2014-07-XX
  + 2014.07 release
  * Release naming convention is YYYY.MM from now on

  * Kernel 3.15 with module signing
  * DM-Verity for faster SquashFS image verification
  * Support for installation to GPT media
  * Added support for exFAT filesystem
  * Better support for QEMU mouse virtualization
  * Xorg server 1.15
  * Firewire SBP-2 module is blacklisted to prevent Firewire RAM access
  * Reduced the number of SUID binaries via POSIX.1e capabilities

  * Replaced htpdate with NTP for time synchronization
  * Added "tz" boot parameter for RTC timezone specification
  * Added "gentoo=nontp" boot parameter for disabling NTP
  * Added "gentoo=obfs" boot parameter for obfsproxy Tor bridges
  * Added "gentoo=xkms" boot parameter for forcing X modesetting driver
  * More robust Xorg autoconfiguration with sequential fallbacks
  * Changed OTFE filesystem to ext4
  * Added ASCII virtual keyboard table for OTFE password entry
  * Added preformatted man pages

  * Replaced Epiphany with Firefox
  * Added proxychains, a heterogeneous chaining proxyfier
  * Replaced XChat with HexChat
  * Removed experimental I2P support and JamVM
  * Removed many packages due to shift of project focus
  * Removed most translations due to shift of project focus

  * OVA image creation is fully integrated into build process
  * Removed qemulate.sh script


2012-09-01
  + 2012.3 release

  * Kernel 3.4.7 with overlayfs instead of Unionfs
  * Kernel image is now bundled with initramfs
  * EFI boot binaries are signed for Secure Boot
  * (U)EFI trusted boot chain continues from EFI boot binaries
  * Xorg server 1.12 and Mesa 8.0 with Gallium3D for Radeon cards
  * Nouveau driver is used for Nvidia cards
  * Better support for VMware graphics virtualization

  * Simplified boot parameters handling, most are now omitted
  * Added "blacklist" boot parameter for kernel modules blacklisting
  * Added "bridges" boot parameter for specifying Tor bridges
  * Added "gentoo=noanon" boot parameter for non-anonymous usage mode
  * More rigorous Wi-Fi and Bluetooth (un)blocked states on boot

  * Added small CD -> USB bootstrapping ISO image
  * Added optional PKCS#11 smart-cards support to GnuPG
  * Added reaver-wps, a WiFi Protected Setup cracking tool
  * Added Redshift, a screen color temperature adjuster
  * Disabled GnuPG-S/MIME autoimport of expired certificates
  * GTK-2 and GTK-3 themes are now uniform


2012-06-17
  + 2012.2 release

  * Better handling of "readonly" boot parameter for some boot media
  * Better SD boot media support on some hardware
  * Added USB 3.0 boot media support
  * Last remaining executable PaX exception has been removed

  * Cables communication is now self-contained, based on libmicrohttpd

  * Added VIPS image manipulation toolkit (including nip2 GUI)
  * Added XInput calibrator
  * Removed ePDFView
  * Fixed key retrieval in GNU Privacy Assistant


2012-05-11
  + 2012.1 release

  * Kernel 3.2.11 with devtmpfs in initramfs
  * Fixed memory wiping in KEXEC kernel
  * Removed almost all PaX protection exceptions
  * Fixed multilingual disk labels support for automount
  * Fixed 3G support for modems with PIN unlocking
  * More extensive firmware support
  * Better hardware support (nVidia SATA, BRCM4313, DVBs, joysticks, tablets)
  * Experimental (U)EFI booting support using GRUB 2

  * Better filesystem security (read-only root fs)
  * CD boot media ejection now triggers shutdown (same as USB boot media)
  * Filesystem is now FHS-3.2+/run-compliant
  * Removed framebuffer console splash and decoration
  * Reworked framebuffer handling and simplified boot menu entries
  * Added SquashFS image verification during early boot
  * Added "readonly" boot parameter for disabling persistence
  * Added "toram" boot parameter for copying root filesystem to RAM
  * Added "gentoo=xvesa" boot parameter for forcing VESA driver in X server
  * Added "gentoo=xfb" boot parameter for forcing framebuffer driver in X server
  * setup.sh now supports "auto" mode, w/o unmounting and script copying
  * setup.sh is now more robust (MBR write fix, 64-bit-only systems warning)

  * Cables communication maintains perfect forward secrecy and repudiability
  * Added Open Virtualization bundle (OVA) (backported to 2011.2)

  * Better support for VMware and VirtualBox virtualization
  * Better support for regular mailboxes in Claws-Mail
  * Better Bluetooth support
  * Replaced Midori browser with Epiphany (also based on WebKit-GTK+)
  * Replaced SCIM input methods manager with uim
  * Added gFTP file transfer client
  * Added uGet download manager
  * Replaced Xarchiver with File Roller
  * Unsafe Browser execution environment is sanitized with pam_namespace
  * Laptop Mode Tools do not wake up drives on PM state changes

  * Unsafe Browser now refuses to run once Tor has established a circuit
  * Added keyboard layout configuration via locale customization applet
  * Added test-liberte, an automatic network policy testing script
  * Build scripts do not require SquashFS tools or cdrtools anymore


2011-11-07
  + 2011.2 release

  * ISO image generation, useful for VMs and independent installs
  * Support for installing to ext2/3/4 filesystems
  * Directories are hidden on FAT (during install) and ISO (in Joliet layer)
  * Added silent splash theme, which also disables logo in X server
  * Added configuration-gathering tool for bug reporting

  * Kernel 2.6.39 with SquashFS XZ compression and NX support
  * Requirements bumped to PentiumIII+ (implies MMX, SSE) with PAE
  * All RAM is wiped on shutdown/reboot, regardless of 3GiB address space limit
  * Xorg server 1.10, better touchpad support
  * Better integration as VirtualBox (including clipboard), VMWare, QEMU guest
  * VirtualBox shares are now supported as automount directories
  * HFS and HFS+ filesystems are now supported as read-only automounts

  * Optional I2P support via gentoo=i2p kernel argument
  * HTP time daemon has been hardened and extended to aid I2P service
  * OTFE partition now supports file permissions, sanitized during boot
  * OTFE partition now uses NTFS compression for all data
  * Added an applet for switching Tor identity (NEWNYM)

  * Cables communication is now a separate project
  * Cables communication daemon runs under a designated user
  * Cables communication supports I2P as source and destination addresses
  * Added cables communication identity information applet

  * Added small and fast Java runtime environment (JamVM)
  * Added HTML5 and plugin-based video/audio support to Midori
  * Added SASL (plain) authentication and OTR encryption support to XChat
  * Added PPTP/OpenVPN/Cisco VPN support to NetworkManager
  * Added emelFM2 2-pane file manager
  * Replaced MPlayer with Totem (GStreamer-based)
  * Replaced xvkbd with Florence virtual keyboard

  * Audio mixer channels are heuristically set up on boot
  * Selected Tor-friendly IRC networks for XChat


2011-05-29
  + 2011.1 release

  * Removed SYSLINUX dependency during Linux install
  * Custom fast initramfs without blind modules probing
  * Separated KMS-dependent and VESA-dependent boots
  * Added option for booting without applying user settings
  * More RAM is wiped with KEXEC-based reboot/shutdown
  * RAM is also wiped before power-off on boot media removal
  * Power-off button is ignored when X server screen is locked
  * X server screen locks automatically on closed lid
  * Boot media filesystem is repaired on startup and shutdown

  * Kernel 2.6.37 with PLD Linux SquashFS LZMA patches
  * Parallel OpenRC facilitates faster startup and shutdown
  * Control groups assist process scheduling
  * Haveged is used for supplying entropy
  * Xorg server 1.9
  * Added OpenSSH client
  * Disabled NTP in favor of exclusive HTP use

  * Added secure and anonymous cables communication
  * Added detection and warning about virtualized environment
  * Added blinking of unused LEDs on dropped and rejected packets

  * Easy MP4[H.264+MP3] webcam video encoding
  * Easy Speex audio encoding
  * Added FBReader, XChat, Pidgin


2010-11-15
  + 2010.1 release

  * Transitioned to SYSLINUX, radically simplified installation on all platforms
  * Robust persistence using resizable encrypted virtual partition (OTFE)
  * Tor start-up does not depend on in-the-clear correct time source access
  * Tor hostname is now directly generated and propagated to Tor upon first boot
  * Provisional communication certificates generation and username derivation
  * GnuPG uses HKPS protocol (CA certificate verified during build)
  * Added an unsafe browser that bypasses the firewall (for Wi-Fi registration)
  * Added robust X server screen locking support

  * Added a robust and reasonably fast start-to-finish build script
  * Added universal verification of signatures during build (rsync is disabled)
  * Hardened build is now based on the more reliable regular stage3 autobuilds
  * Hardened GCC version with SSP and PIE support is now used to build packages
  * Removed CDROM boot support
  * Accepted licenses are explicitly specified during build

  * Updated to kernel 2.6.32, kernel+initrd use LZMA
  * Removed SquashFS LZMA support until it is available in mainline
  * Added full ACL and extended attributes support
  * AutoFS integration fixes and enhancements
  * Added support for popular Ethernet and Wi-Fi drivers (including firmware)
  * Removed the deprecated IDE support in favor of libata, added SMART monitor
  * MAC address is correctly randomized (automatic for Wi-Fi only)
  * Laptop Mode Tools are used for power management
  * Most capable audio card is configured as default during boot
  * Replaced (unmaintained and Python-based) Wicd with NetworkManager 

  * Stability, security, and hardware support improvements
  * Space usage improvements
  * Improved control of growing log files (no file grows indefinitely in tmpfs)
  * Perl and Python are cleanly removed from the image

  * Applications list improvements (Evince+Postscript/DejaVu, Eboard, ...)
  * Provisional MP4[H.264+Ogg[Vorbis/Speex]] lightweight video encoding support


2010-05-05
  + 2010.0 inital release