Mailing List Archive | ports@openbsd.org

From:: Kirill A. Korinsky <kirill@korins.ky>
Subject:: Re: UPDATE security/vaultwarden-1.32.5
To:: Bjorn Ketelaars <bket@openbsd.org>
Cc:: ports@openbsd.org, Aisha Tammy <aisha@openbsd.org>
Date:: Wed, 20 Nov 2024 15:12:47 +0100

Download raw body.

Thread

2024-11-20 05:26 Bjorn Ketelaars:
UPDATE security/vaultwarden-1.32.5
- 2024-11-20 14:12 Kirill A. Korinsky:
  UPDATE security/vaultwarden-1.32.5
- - 2024-11-20 14:23 A Tammy:
    UPDATE security/vaultwarden-1.32.5

On Wed, 20 Nov 2024 06:26:25 +0100,
Bjorn Ketelaars <bket@openbsd.org> wrote:
> 
> Diff below updates vaultwarden to 1.32.5. From
> https://github.com/dani-garcia/vaultwarden/releases/tag/1.32.5: This
> release further fixed some CVE Reports reported by a third party
> security auditor and we recommend everybody to update to the latest
> version as soon as possible. The contents of these reports will be
> disclosed publicly in the future.
> 
> Not sure how many of these CVE fixes to expect.
> 
> Run tested on amd64.
> 
> I think it makes sense to backport this update to -stable as well.
> 
> OK for committing to -current and -stable / comments?
>

Tested on 7.6 with:
 - vaultwarden-web.
 - iPhone client.
 - chrome plugin.

Works.

OK for me.

-- 
wbr, Kirill

2024-11-20 05:26 Bjorn Ketelaars:
UPDATE security/vaultwarden-1.32.5
- 2024-11-20 14:12 Kirill A. Korinsky:
  UPDATE security/vaultwarden-1.32.5
- - 2024-11-20 14:23 A Tammy:
    UPDATE security/vaultwarden-1.32.5