Dangerzone Changelog

What's new in Dangerzone 0.6.1

May 13, 2024
  • Handle timeout errors ("Timeout after 3 seconds") more gracefully
  • Several people have encountered timeout errors when converting documents. We have not pinpointed yet the exact reason for these timeouts, but we know they happen once the conversion has finished, either successfully or unsuccessfully, and they are informational in nature. In this release, we improve our handling of termination delays, and users should not experience these timeout errors again.
  • Support for Fedora 40 and Ubuntu 24.04 (Linux)
  • Fedora 40 and Ubuntu 24.04 were released recently, so we added support for these platforms.
  • Sign our release assets:
  • In addition to platform-specific signing procedures, our release assets are now also signed with the Dangerzone signing key (DE28 AB24 1FA4 8260 FAC9 B8BA A7C9 B385 2260 4281). By "release assets", we refer to our installers for Windows and macOS, and our container image, that you see at the bottom of this page. We also provide a guide that explains how to verify these assets on your own.
  • Community contributions:
  • We want to thank our first-time contributor, @naglis, who fixed several issues, both user-facing and developer-facing. Notably, Dangerzone's icon and name should now be shown properly on all supported Linux platforms (#402). Also, Linux users can now open multiple documents at once, when they right-click on them, and then click on "Open with" -> "Dangerzone" (#797).
  • First-time contributor @maltfield notified us that Dangerzone did not work on macOS releases prior to Ventura (13) (#471). This issue should be resolved with this release.
  • Finally, special thanks to our two other first-time contributors, @stepnem and @iArchitSharma, who offered some development improvements (#573, #784).

New in Dangerzone 0.6.0 (Feb 27, 2024)

  • The highlights are:
  • Replace document rendering tools with PyMuPDF:
  • Dangerzone internally used multiple standalone programs to aid the various aspects of transforming a document into pixels. However, these started presenting integration challenges that could cause slowness or space issues. By using the PyMuPDF module instead, the conversion-related code becomes much simpler and thus, less error-prone. Unexpectedly, this change opened the door to many future technical improvements to Dangerzone summarized in this diagram. This may result in minor differences in the produced PDFs, particularly in fonts. We have documented some of these differences visually here.
  • New file extension support: EPUB, SVG and other image formats:
  • Including PyMuPDF (described above) in Dangerzone enabled us to add these new file formats at no extra effort. Additional formats like PSD or MOBI will be added in the future when all the different supported platforms have a version of PyMuPDF recent enough to support these other file formats.
  • Removal of timeouts:
  • Some documents would timeout after a certain time (depending on the file size and number of pages) if the conversion did not complete until then. Timeouts existed due to to some document conversion commands indefinitely hanging. While it is still true that some documents may take a very long time, having the document stop after an arbitrary amount of time does not look like the proper solution. So we have chosen to remove timeouts entirely, for now. We may revisit this idea in the future, better integrating it into the user interface.
  • Support for Fedora 39 (Linux):
  • The unavailability of a core component of Dangerzone (PySide2/PySide6) made it impossible to release our software when Fedora 39 became officially available (#606). We are pleased to announce that we managed to overcome this challenge by packaging this very component and distributing it from our software repositories.
  • Special thanks go to @sudwhiwdh, who informed us once Fedora 39 was out, offered some style fixes, and beta-tested an early Dangerzone release on Fedora 39.
  • New license: AGPL v3:
  • Dangerzone was originally licensed under the MIT License until version 0.5.1. The PyMuPDF project though, which we are including in this release thanks to its significant improvements to Dangerzone, is licensed under AGPLv3. In order to comply with the license's terms, we have decided to switch the Dangerzone license to AGPLv3 as well. This change should affect only entities who are offering Dangerzone commercially, as part of a closed-source offering.
  • Community contributions:
  • Two cheers for first-time contributors @EtiennePerot and @prateekj117, who offered some fixes in our build system (#721, #671), and one more cheer for recurring contributor @OctopusET, who added support for converting HWP documents on macOS systems with Apple Silicon chip (#498).

New in Dangerzone 0.5.1 (Dec 8, 2023)

  • Fixed:
  • Our Qubes RPM package was missing critical dependencies for the conversion of a document from pixels to PDF (issue #647)
  • Changed:
  • Use more descriptive button labels in update check prompt (issue #527, thanks to @garrettr)
  • Removed:
  • Platform support: Drop Fedora 37, since it reached end-of-life (issue #637)
  • Security:
  • Security advisory 2023-12-07: Protect our container image against CVE-2023-43115, by updating GhostScript to version 10.02.0.
  • Security advisory 2023-10-25: prevent dz-dvm network via dispVMs. This was officially communicated on the advisory date and is only included here since this is the first release since it was announced.

New in Dangerzone 0.5.0 (Oct 20, 2023)

  • This release includes support for new platforms, stability improvements, and some fixes. The highlights are:
  • Beta Qubes OS Support:
  • The majority of this release has been improvements to the integration of Dangerzone in Qubes OS, moving from alpha support to beta. We added instructions on how to install it, caught the majority of the potential errors, and added timeouts and progress information. Testers should be aware that some issues still remain, which will be fixed on the road to stable support. The main issues are:
  • Converting large documents (e.g., >160 US letter pages) can fail with an out of space error, and/or require up to 2GiB of RAM (#577)
  • Failed conversions may require manual cleanup of the disposable qubes by the user (#577)
  • Fixed package upgrades in Fedora
  • Fedora users can now safely install new Dangerzone versions (#514)
  • Fixed a bug that could potentially lead to excluding the last page of the sanitized document
  • This bug was introduced in version 0.4.1. We are not aware of any user who is affected, but we do know that it does not have any security implications.
  • Reduced download size
  • We removed ~300MiB from our container image (and thus the application download) by using the fast variant of the Tesseract OCR (optical character recognition) language models (#545)
  • 1 contribution from a new contributor, @garrettr
  • Fixed dark mode on macOS where some texts in the user interface were black instead of white

New in Dangerzone 0.4.2 (Aug 9, 2023)

  • This release includes various new features, stability improvements, and security fixes. The highlights are:
  • An opt-in update notification mechanism for Windows and MacOS users.
  • This allows users to get notified for new updates when they open the Dangerzone application. For more info, we have a page where we explain this mechanism in detail.
  • Fix for security vulnerability CVE-2023-39342
  • This vulnerability affects the messages that users of the dangerzone-cli see in their terminal. This is a low severity CVE that does not lead to any integrity or confidentiality loss, but all users are encouraged to upgrade.
  • Alpha support for native sanitization on Qubes OS
  • Qubes OS users that can follow our build instructions can give Dangerzone a spin and use disposable VMs to sanitize their files, instead of containers. If you are an early tester, feel free to write about your experience in our GitHub discussions page.
  • 4 contributions from 2 new contributors, @OctopusET and @keywordnew
  • We are especially excited for the support for HWP/HWPX files, which is a file format popular in South Korea, and unfortunately a common target of malware attacks (note: support for these files is not available on Qubes OS or MacOS with Apple Silicon chip yet).

New in Dangerzone 0.4.1 (Aug 8, 2023)

  • An opt-in update notification mechanism for Windows and MacOS users.
  • This allows users to get notified for new updates when they open the Dangerzone application. For more info, we have a page where we explain this mechanism in detail.
  • Fix for security vulnerability CVE-2023-39342
  • This vulnerability affects the messages that users of the dangerzone-cli see in their terminal. This is a low severity CVE that does not lead to any integrity or confidentiality loss, but all users are encouraged to upgrade.
  • Alpha support for native sanitization on Qubes OS
  • Qubes OS users that can follow our build instructions can give Dangerzone a spin and use disposable VMs to sanitize their files, instead of containers. If you are an early tester, feel free to write about your experience in our GitHub discussions page.
  • 4 contributions from 2 new contributors, @OctopusET and @keywordnew
  • We are especially excited for the support for HWP/HWPX files, which is a file format popular in South Korea, and unfortunately a common target of malware attacks (note: support for these files is not available on Qubes OS or MacOS with Apple Silicon chip yet).

New in Dangerzone 0.4.1 (Apr 24, 2023)

  • Native application for MacOS Apple Silicon users
  • Fixes for timeout issues on large files
  • Performance boost when converting large files
  • Improved reliability when converting files with atypical MIME types or permissions.

New in Dangerzone 0.4.0 (Jan 17, 2023)

  • Feature: Support bulk conversion to safe PDFs (issue #77)
  • Feature: Option to archive unsafe directories (issue #255)
  • Feature: Support python 3.10
  • Feature: When quitting while still converting, confirm if user is sure
  • Platform support: Re-add Fedora 37 support
  • Platform support: Add Debian Bookworm (12) support (issue #172)
  • Platform support: Reinstate Ubuntu Focal support (issue #206)
  • Platform support: Add Ubuntu 22.10 "Kinetic Kudu" support (issue #265)
  • Bug fix: Fix unit tests on Windows
  • Bug fix: Do not hardcode "docker" in help messages, now that Podman is also used (issue #122)
  • Bug fix: Failed execution no longer produces an empty "safe" documents (issue #214)
  • Bug fix: Malfunctioning "New window" logic was replaced with multi-doc support (issue #204)
  • Bug fix: re-adds support for 'open with Dangerzone' from finder on macOS (issue #268)
  • Bug fix: (macOS) quit Dangerzone when main window is closed (issue #271)