From 55cf9eb8f9d829d50e20ecc57c976bc7adfd3719 Mon Sep 17 00:00:00 2001
From: Ian Pittwood <ian.pittwood@rstudio.com>
Date: Thu, 27 Jun 2024 09:32:29 -0600
Subject: [PATCH 1/5] [CVE-2024-38526] Update Quarto to 1.4.556

---
 connect/Dockerfile.ubuntu2204 | 2 +-
 docker-bake.hcl               | 5 ++++-
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/connect/Dockerfile.ubuntu2204 b/connect/Dockerfile.ubuntu2204
index c314744c..4701fcf5 100644
--- a/connect/Dockerfile.ubuntu2204
+++ b/connect/Dockerfile.ubuntu2204
@@ -8,7 +8,7 @@ ARG R_VERSION_ALT=4.1.3
 ARG PYTHON_VERSION=3.9.17
 ARG PYTHON_VERSION_ALT=3.8.17
 ARG RSC_VERSION=2024.06.0
-ARG QUARTO_VERSION=1.4.552
+ARG QUARTO_VERSION=1.4.556
 ARG SCRIPTS_DIR=/opt/positscripts
 
 ### Install Quarto ###
diff --git a/docker-bake.hcl b/docker-bake.hcl
index c551b06e..572fe918 100644
--- a/docker-bake.hcl
+++ b/docker-bake.hcl
@@ -16,7 +16,7 @@ variable DRIVERS_VERSION {
 }
 
 variable DEFAULT_QUARTO_VERSION {
-    default = "1.4.552"
+    default = "1.4.556"
 }
 
 variable DEFAULT_JUPYTERLAB_VERSION {
@@ -158,6 +158,9 @@ variable CONTENT_BUILD_MATRIX {
 
       # R-4.4, Python-3.12, Quarto-1.4.
       {os = "ubuntu2204", os_alt = "jammy", r = "4.4.0", py = "3.12.3", drivers = "2024.03.0", quarto = "1.4.553"},
+
+      # R-4.4, Python-3.12.4, Quarto-1.4.556 (polyfill.js vulnerability patch)
+      {os = "ubuntu2204", os_alt = "jammy", r = "4.4.0", py = "3.12.4", drivers = "2024.03.0", quarto = "1.4.553"},
     ]
   }
 }

From 19ff5412863f19611f35803985ba27d44dffb7e5 Mon Sep 17 00:00:00 2001
From: Ian Pittwood <ian.pittwood@rstudio.com>
Date: Thu, 27 Jun 2024 09:44:14 -0600
Subject: [PATCH 2/5] Update justfile Quarto

---
 Justfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Justfile b/Justfile
index ea8acf77..05b29b83 100644
--- a/Justfile
+++ b/Justfile
@@ -22,7 +22,7 @@ PYTHON_VERSION_ALT := "3.8.17"
 PYTHON_VERSION_RHEL := "3.9.14"
 PYTHON_VERSION_ALT_RHEL := "3.8.15"
 
-QUARTO_VERSION := "1.4.553"
+QUARTO_VERSION := "1.4.556"
 
 export RSC_LICENSE := ""
 export RSPM_LICENSE := ""

From 3213ef43395476b261a67e6ff2db8e0c17973eb3 Mon Sep 17 00:00:00 2001
From: Ian Pittwood <ian.pittwood@rstudio.com>
Date: Thu, 27 Jun 2024 09:55:56 -0600
Subject: [PATCH 3/5] Update content image to R 4.4.1

---
 docker-bake.hcl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docker-bake.hcl b/docker-bake.hcl
index 572fe918..116953d0 100644
--- a/docker-bake.hcl
+++ b/docker-bake.hcl
@@ -160,7 +160,7 @@ variable CONTENT_BUILD_MATRIX {
       {os = "ubuntu2204", os_alt = "jammy", r = "4.4.0", py = "3.12.3", drivers = "2024.03.0", quarto = "1.4.553"},
 
       # R-4.4, Python-3.12.4, Quarto-1.4.556 (polyfill.js vulnerability patch)
-      {os = "ubuntu2204", os_alt = "jammy", r = "4.4.0", py = "3.12.4", drivers = "2024.03.0", quarto = "1.4.553"},
+      {os = "ubuntu2204", os_alt = "jammy", r = "4.4.1", py = "3.12.4", drivers = "2024.03.0", quarto = "1.4.553"},
     ]
   }
 }

From 217bcca89b4d0d6169a8cc9f32d6b4b342e760c7 Mon Sep 17 00:00:00 2001
From: Ian Pittwood <ian.pittwood@rstudio.com>
Date: Thu, 27 Jun 2024 09:57:17 -0600
Subject: [PATCH 4/5] Update quarto patch miss

---
 docker-bake.hcl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docker-bake.hcl b/docker-bake.hcl
index 116953d0..5122f90a 100644
--- a/docker-bake.hcl
+++ b/docker-bake.hcl
@@ -160,7 +160,7 @@ variable CONTENT_BUILD_MATRIX {
       {os = "ubuntu2204", os_alt = "jammy", r = "4.4.0", py = "3.12.3", drivers = "2024.03.0", quarto = "1.4.553"},
 
       # R-4.4, Python-3.12.4, Quarto-1.4.556 (polyfill.js vulnerability patch)
-      {os = "ubuntu2204", os_alt = "jammy", r = "4.4.1", py = "3.12.4", drivers = "2024.03.0", quarto = "1.4.553"},
+      {os = "ubuntu2204", os_alt = "jammy", r = "4.4.1", py = "3.12.4", drivers = "2024.03.0", quarto = "1.4.556"},
     ]
   }
 }

From fc31fb3d40bd4d25693dbeeea35997497ec21bea Mon Sep 17 00:00:00 2001
From: Ian Pittwood <ian.pittwood@rstudio.com>
Date: Thu, 27 Jun 2024 12:02:59 -0600
Subject: [PATCH 5/5] Update Quarto patch to 1.4.557

---
 Justfile                      | 2 +-
 ci.Justfile                   | 2 +-
 connect/Dockerfile.ubuntu2204 | 2 +-
 docker-bake.hcl               | 6 +++---
 docker-bake.preview.hcl       | 4 ++--
 5 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/Justfile b/Justfile
index e4850d5a..341c831a 100644
--- a/Justfile
+++ b/Justfile
@@ -22,7 +22,7 @@ PYTHON_VERSION_ALT := "3.8.17"
 PYTHON_VERSION_RHEL := "3.9.14"
 PYTHON_VERSION_ALT_RHEL := "3.8.15"
 
-QUARTO_VERSION := "1.4.556"
+QUARTO_VERSION := "1.4.557"
 
 export RSC_LICENSE := ""
 export RSPM_LICENSE := ""
diff --git a/ci.Justfile b/ci.Justfile
index 06324e8e..1de52f56 100644
--- a/ci.Justfile
+++ b/ci.Justfile
@@ -12,7 +12,7 @@ PYTHON_VERSION_ALT := "3.8.17"
 DRIVERS_VERSION := "2024.03.0"
 DRIVERS_VERSION_RHEL := DRIVERS_VERSION + "-1"
 
-QUARTO_VERSION := "1.3.340"
+QUARTO_VERSION := "1.4.557"
 
 # just _get-os-alias jammy
 _get-os-alias OS:
diff --git a/connect/Dockerfile.ubuntu2204 b/connect/Dockerfile.ubuntu2204
index 4701fcf5..593fe1d3 100644
--- a/connect/Dockerfile.ubuntu2204
+++ b/connect/Dockerfile.ubuntu2204
@@ -8,7 +8,7 @@ ARG R_VERSION_ALT=4.1.3
 ARG PYTHON_VERSION=3.9.17
 ARG PYTHON_VERSION_ALT=3.8.17
 ARG RSC_VERSION=2024.06.0
-ARG QUARTO_VERSION=1.4.556
+ARG QUARTO_VERSION=1.4.557
 ARG SCRIPTS_DIR=/opt/positscripts
 
 ### Install Quarto ###
diff --git a/docker-bake.hcl b/docker-bake.hcl
index 78110c7c..8cc7fc33 100644
--- a/docker-bake.hcl
+++ b/docker-bake.hcl
@@ -16,7 +16,7 @@ variable DRIVERS_VERSION {
 }
 
 variable DEFAULT_QUARTO_VERSION {
-    default = "1.4.556"
+    default = "1.4.557"
 }
 
 variable DEFAULT_JUPYTERLAB_VERSION {
@@ -159,8 +159,8 @@ variable CONTENT_BUILD_MATRIX {
       # R-4.4, Python-3.12, Quarto-1.4.
       {os = "ubuntu2204", os_alt = "jammy", r = "4.4.0", py = "3.12.3", drivers = "2024.03.0", quarto = "1.4.553"},
 
-      # R-4.4, Python-3.12.4, Quarto-1.4.556 (polyfill.js vulnerability patch)
-      {os = "ubuntu2204", os_alt = "jammy", r = "4.4.1", py = "3.12.4", drivers = "2024.03.0", quarto = "1.4.556"},
+      # R-4.4, Python-3.12.4, Quarto-1.4.557 (polyfill.js vulnerability patch)
+      {os = "ubuntu2204", os_alt = "jammy", r = "4.4.1", py = "3.12.4", drivers = "2024.03.0", quarto = "1.4.557"},
     ]
   }
 }
diff --git a/docker-bake.preview.hcl b/docker-bake.preview.hcl
index 2c4ed010..400b13f7 100644
--- a/docker-bake.preview.hcl
+++ b/docker-bake.preview.hcl
@@ -28,7 +28,7 @@ variable DRIVERS_VERSION {
 }
 
 variable DEFAULT_QUARTO_VERSION {
-    default = "1.4.556"
+    default = "1.4.557"
 }
 
 variable DEFAULT_JUPYTERLAB_VERSION {
@@ -227,7 +227,7 @@ target "product-base-dev" {
         PYTHON_VERSION = builds.py_primary
         PYTHON_VERSION_ALT = builds.py_alternate
         TINI_VERSION = "0.19.0"
-        QUARTO_VERSION = "1.3.340"
+        QUARTO_VERSION = "1.4.557"
     }
 }