feat(container): update image vaultwarden/server ( 1.32.7 → 1.33.1 ) #2004

Open
wants to merge 1 commit into
base: main

@renovate renovate bot commented Jan 25, 2025

This PR contains the following updates:

| Package            | Update | Change           |
| ------------------ | ------ | ---------------- |
| vaultwarden/server | minor  | 1.32.7 -> 1.33.1 |

Release Notes

dani-garcia/vaultwarden (vaultwarden/server)

v1.33.1

Compare Source

General mention

This release has some minor issues fixed like:

  • Icons not working on the Desktop clients
  • Invites not always working
  • DUO settings not able to configure
  • Manager rights
  • Mobile client sync issues fixed

What's Changed

New Contributors

Full Changelog: dani-garcia/vaultwarden@1.33.0...1.33.1

v1.33.0

Compare Source

Security Fixes

This release contains security fixes for the following advisories.
And we strongly advise you to update as soon as possible.

  • GHSA-f7r5-w49x-gxm3
    This vulnerability is only possible if you do not have an ADMIN_TOKEN configured and open links or pages you should not trust anyway. Ensure you have an ADMIN_TOKEN configured to keep your admin environment safe.
  • GHSA-h6cc-rc6q-23j4
    This vulnerability is only possible if someone was able to gain access to your Vaultwarden Admin Backend. The attacker could then change some settings to use sendmail as mail agent but adjust the settings in such a way that it would use a shell command. It then also needed to craft a special favicon image which would have the commands embedded to run during for example sending a test email.
  • GHSA-j4h8-vch3-f797
    This vulnerability affects all users who have multiple Organizations and users which are able to create a new organization or have admin or owner rights on at least one organization. The attacker does need to know the Organization UUID of the Organization it wants to attack or compromise though.

Notable changes

  • Updated web-vault to v2025.1.1
  • Added partial manage role support for collections
  • Manager role is converted to a Custom role with either Manage All Collections or per collection.
    Admins and Owners probably want to check and verify if the rights are still correct.
  • The OCI containers and binaries are signed via GitHub Attestations
    This allows you to verify an OCI image or even the vaultwarden binary located within the OCI image.

These vulnerabilities affects

What's Changed

New Contributors

Full Changelog: dani-garcia/vaultwarden@1.32.7...1.33.0


Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.


mglants-bot bot commented Jan 25, 2025

--- kubernetes/subterra/apps/apps/vaultwarden/app Kustomization: flux-system/cluster-apps-vaultwarden HelmRelease: apps/vaultwarden

+++ kubernetes/subterra/apps/apps/vaultwarden/app Kustomization: flux-system/cluster-apps-vaultwarden HelmRelease: apps/vaultwarden

@@ -41,13 +41,13 @@

     envFrom:
     - secretRef:
         name: vaultwarden-secret
     image:
       pullPolicy: IfNotPresent
       repository: vaultwarden/server
-      tag: 1.32.7
+      tag: 1.33.1
     ingress:
       main:
         annotations:
           cert-manager.io/cluster-issuer: letsencrypt-prod
           external-dns.alpha.kubernetes.io/target: ingress.ur30.ru
         enabled: true
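
Review bot: the new `tag: 1.33.1` line still selects the image by a mutable tag, and with `pullPolicy: IfNotPresent` a node that already has that tag cached will not pull again, so nodes can run different content under the same tag if it is ever re-pushed. Consider pinning by digest alongside the tag, for example `tag: 1.33.1@sha256:<digest>` (assuming the chart accepts that form; `<digest>` is a placeholder for the value resolved at update time), so the deployed image is exactly the one reviewed here and can be checked against the upstream attestation mentioned in the release notes.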


mglants-bot bot commented Jan 25, 2025

--- HelmRelease: apps/vaultwarden Deployment: apps/vaultwarden

+++ HelmRelease: apps/vaultwarden Deployment: apps/vaultwarden

@@ -27,13 +27,13 @@

       serviceAccountName: default
       automountServiceAccountToken: true
       dnsPolicy: ClusterFirst
       enableServiceLinks: true
       containers:
       - name: vaultwarden
-        image: vaultwarden/server:1.32.7
+        image: vaultwarden/server:1.33.1
         imagePullPolicy: IfNotPresent
         env:
         - name: DATABASE_URL
           valueFrom:
             secretKeyRef:
               key: uri
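
Review bot: the context lines of this hunk show the pod running with `serviceAccountName: default` and `automountServiceAccountToken: true`, which mounts a Kubernetes API token into a container that serves password vaults. Nothing in the visible spec indicates that the container needs the cluster API, so consider setting `automountServiceAccountToken: false` in the HelmRelease values, or a dedicated service account if API access is required, as a follow-up to this bump. The `image: vaultwarden/server:1.33.1` line itself is consistent with the tag change in the HelmRelease diff.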

| datasource | package            | from   | to     |
| ---------- | ------------------ | ------ | ------ |
| docker     | vaultwarden/server | 1.32.7 | 1.33.1 |
@renovate renovate bot force-pushed the renovate/vaultwarden-server-1.x branch from f07ae20 to 3aa94d3 Compare February 3, 2025 18:24
@renovate renovate bot changed the title feat(container): update image vaultwarden/server ( 1.32.7 → 1.33.0 ) feat(container): update image vaultwarden/server ( 1.32.7 → 1.33.1 ) Feb 3, 2025