mirror of
https://github.com/freedomofpress/dangerzone.git
synced 2025-04-28 18:02:38 +02:00
Update CHANGELOG for v0.5.1 release
This commit is contained in:
deeplow
parent
6c59b1f41d
commit
06b68f2572
1 changed files with 12 additions and 0 deletions
12
CHANGELOG.md
12
CHANGELOG.md
|
|
@ -7,6 +7,18 @@ since 0.4.1, and this project adheres to [Semantic Versioning](https://semver.or
|
||||||
|
|
||||||
## Unreleased
|
## Unreleased
|
||||||
|
|
||||||
|
## Dangerzone 0.5.1
|
||||||
|
|
||||||
|
### Changed
|
||||||
|
|
||||||
|
- Use more descriptive button labels in update check prompt ([issue #527](https://github.com/freedomofpress/dangerzone/issues/527), thanks to [@garrettr](https://github.com/garrettr))
|
||||||
|
|
||||||
|
### Security
|
||||||
|
|
||||||
|
- Protect our container image against CVE-2023-43115, by updating GhostScript to version 10.02.0. Note that this CVE affects the **untrusted** environment where the conversion of the document to pixels takes place. Dangerzone operates under the assumption that this environment will eventually get exploited, which is why it protects the users in depth by running this environment in a hardened container, as a defense in depth measure. We are not aware of any container escape that impacts our users' security, but it's highly recommended to update to the latest Dangerzone version.
|
||||||
|
|
||||||
|
- Security advisory 2023-10-25: prevent dz-dvm network via dispVMs. This was officially communicated on the advisory date and is only included here since this is the first release since it was announced.
|
||||||
|
|
||||||
## Dangerzone 0.5.0
|
## Dangerzone 0.5.0
|
||||||
|
|
||||||
### Added
|
### Added
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue