On Fri, Feb 14, 2025 at 04:13:12PM +0100, Kirill A. Korinsky wrote: > On Fri, 14 Feb 2025 06:44:59 +0100, > Bjorn Ketelaars <b...@openbsd.org> wrote: > > > > Simple diff for bringing vaultwarden to 1.33.2. Changes [0]: > > - Update workflows and enhance security > > - Update crates & fix CVE-2025-24898 > > - add bulk-access endpoint for collections > > - Fix icon redirect not working on desktop > > - Show assigned collections on member edit > > > > Build- and run-tested on amd64 current. > > > > OK? > > > > Thanks for update, OK kirill@ > > I also had backported it to 7.6 as:
Is it really necessary to backport this? Nothing in the vaultwarden directory calls select_next_proto() so CVE-2025-24898 is a non-issue.
