Merge 178364e3a7 into eb345562da

CHANGELOG.md

@@ -5,13 +5,7 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/)
 since 0.4.1, and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
-## [Unreleased](https://github.com/freedomofpress/dangerzone/compare/v0.8.1...HEAD)
-
-- 
-
-## [0.8.1](https://github.com/freedomofpress/dangerzone/compare/v0.8.1...0.8.0)
-
-- Update the container image
+## [Unreleased](https://github.com/freedomofpress/dangerzone/compare/v0.8.0...HEAD)
 
 ### Added
 

INSTALL.md

@@ -1,7 +1,7 @@
 ## MacOS
 
-- Download [Dangerzone 0.8.1 for Mac (Apple Silicon CPU)](https://github.com/freedomofpress/dangerzone/releases/download/v0.8.1/Dangerzone-0.8.1-arm64.dmg)
-- Download [Dangerzone 0.8.1 for Mac (Intel CPU)](https://github.com/freedomofpress/dangerzone/releases/download/v0.8.1/Dangerzone-0.8.1-i686.dmg)
+- Download [Dangerzone 0.8.0 for Mac (Apple Silicon CPU)](https://github.com/freedomofpress/dangerzone/releases/download/v0.8.0/Dangerzone-0.8.0-arm64.dmg)
+- Download [Dangerzone 0.8.0 for Mac (Intel CPU)](https://github.com/freedomofpress/dangerzone/releases/download/v0.8.0/Dangerzone-0.8.0-i686.dmg)
 
 You can also install Dangerzone for Mac using [Homebrew](https://brew.sh/): `brew install --cask dangerzone`
 
@@ -11,7 +11,7 @@ You can also install Dangerzone for Mac using [Homebrew](https://brew.sh/): `bre
 
 ## Windows
 
-- Download [Dangerzone 0.8.1 for Windows](https://github.com/freedomofpress/dangerzone/releases/download/v0.8.1/Dangerzone-0.8.1.msi)
+- Download [Dangerzone 0.8.0 for Windows](https://github.com/freedomofpress/dangerzone/releases/download/v0.8.0/Dangerzone-0.8.0.msi)
 
 > **Note**: you will also need to install [Docker Desktop](https://www.docker.com/products/docker-desktop/).
 > This program needs to run alongside Dangerzone at all times, since it is what allows Dangerzone to

README.md

@@ -14,13 +14,13 @@ _Read more about Dangerzone in the [official site](https://dangerzone.rocks/abou
 
 Follow the instructions for each platform:
 
-* [macOS](https://github.com/freedomofpress/dangerzone/blob/v0.8.1/INSTALL.md#macos)
-* [Windows](https://github.com/freedomofpress/dangerzone/blob/v0.8.1//INSTALL.md#windows)
-* [Ubuntu Linux](https://github.com/freedomofpress/dangerzone/blob/v0.8.1/INSTALL.md#ubuntu-debian)
-* [Debian Linux](https://github.com/freedomofpress/dangerzone/blob/v0.8.1/INSTALL.md#ubuntu-debian)
-* [Fedora Linux](https://github.com/freedomofpress/dangerzone/blob/v0.8.1/INSTALL.md#fedora)
+* [macOS](https://github.com/freedomofpress/dangerzone/blob/v0.8.0//INSTALL.md#macos)
+* [Windows](https://github.com/freedomofpress/dangerzone/blob/v0.8.0//INSTALL.md#windows)
+* [Ubuntu Linux](https://github.com/freedomofpress/dangerzone/blob/v0.8.0/INSTALL.md#ubuntu-debian)
+* [Debian Linux](https://github.com/freedomofpress/dangerzone/blob/v0.8.0/INSTALL.md#ubuntu-debian)
+* [Fedora Linux](https://github.com/freedomofpress/dangerzone/blob/v0.8.0/INSTALL.md#fedora)
 * [Qubes OS (beta)](https://github.com/freedomofpress/dangerzone/blob/v0.8.0/INSTALL.md#qubes-os)
-* [Tails](https://github.com/freedomofpress/dangerzone/blob/v0.8.1/INSTALL.md#tails)
+* [Tails](https://github.com/freedomofpress/dangerzone/blob/v0.8.0/INSTALL.md#tails)
 
 ## Some features
 

debian/changelog

@@ -1,9 +1,3 @@
-dangerzone (0.8.1) unstable; urgency=low
-
-  * Released Dangerzone 0.8.1
-
- -- Freedom of the Press Foundation   <info@freedom.press>  Tue, 22 December 2024 22:03:28 +0300
-
 dangerzone (0.8.0) unstable; urgency=low
 
   * Released Dangerzone 0.8.0

docs/advisories/2024-12-24.md

@@ -1,33 +0,0 @@
-Security Advisory 2024-12-24
-
-In Dangerzone, a security vulnerability was detected in the quarantined
-environment where documents are opened. Vulnerabilities like this are expected
-and do not compromise the security of Dangerzone. However, in combination with
-another more serious vulnerability (also called container escape), a malicious
-document may be able to breach the security of Dangerzone. We are not aware of
-any container escapes that affect Dangerzone. **To reduce that risk, you are
-strongly advised to update Dangerzone to the latest version**.
-
-# Summary
-
-A series of vulnerabilities in gst-plugins-base (CVE-2024-47538, CVE-2024-47607
-and CVE-2024-47615) affects the **contained** environment where the document
-rendering takes place.
-
-If one attempts to convert a malicious file with an embedded Vorbis or Opus
-media elements,  arbitrary code may run within that environment. Such files
-look like regular Office documents, which means that you cannot avoid a specific
-extension. Other programs that open Office documents, such as LibreOffice, are
-also affected, unless the system has been upgraded in the meantime.
-
-# How does this impact me?
-
-The expectation is that malicious code will run in a container without Internet
-access, meaning that it won't be able to infect the rest of the system.
-
-If you are running Dangerzone via the Qubes OS, you are not impacted.
-
-# What do I need to do?
-
-You are **strongly** advised to update your Dangerzone installation to 0.8.1 as
-soon as possible.

install/linux/dangerzone.spec

@@ -32,7 +32,7 @@ Name:           dangerzone-qubes
 Name:           dangerzone
 %endif
 
-Version:        0.8.1
+Version:        0.8.0
 Release:        1%{?dist}
 Summary:        Take potentially dangerous PDFs, office documents, or images and convert them to safe PDFs
 

pyproject.toml

@@ -1,6 +1,6 @@
     [tool.poetry]
 name = "dangerzone"
-version = "0.8.1"
+version = "0.8.0"
 description = "Take potentially dangerous PDFs, office documents, or images and convert them to safe PDFs"
 authors = ["Freedom of the Press Foundation <info@freedom.press>", "Micah Lee <micah.lee@theintercept.com>"]
 license = "AGPL-3.0"

share/version.txt

@@ -1 +1 @@
-0.8.1
+0.8.0