On 11/20/24 9:12 AM, Kirill A. Korinsky wrote:
> On Wed, 20 Nov 2024 06:26:25 +0100,
> Bjorn Ketelaars <[email protected]> wrote:
>>
>> Diff below updates vaultwarden to 1.32.5. From
>> https://github.com/dani-garcia/vaultwarden/releases/tag/1.32.5: This
>> release further fixed some CVE Reports reported by a third party
>> security auditor and we recommend everybody to update to the latest
>> version as soon as possible. The contents of these reports will be
>> disclosed publicly in the future.
>>
>> Not sure how many of these CVE fixes to expect.
Yea I've not been having fun with these. I'm glad I run this in a
wireguard mesh.
>>
>> Run tested on amd64.
>>
>> I think it makes sense to backport this update to -stable as well.
Yes, we should definitely backport it to stable as well.
>>
>> OK for committing to -current and -stable / comments?
>>
>
> Tested on 7.6 with:
> - vaultwarden-web.
> - iPhone client.
> - chrome plugin.
>
I tested it out on stable and works fine with android client, web and
firefox plugin.
OK aisha
> Works.
>
> OK for me.
>
