Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat(container): update image docker.io/vaultwarden/server to v1.33.1 (…
…#460) This PR contains the following updates: | Package | Update | Change | |---|---|---| | [docker.io/vaultwarden/server](https://redirect.github.com/dani-garcia/vaultwarden) | minor | `1.32.7` -> `1.33.1` | --- ### Release Notes <details> <summary>dani-garcia/vaultwarden (docker.io/vaultwarden/server)</summary> ### [`v1.33.1`](https://redirect.github.com/dani-garcia/vaultwarden/releases/tag/1.33.1) [Compare Source](https://redirect.github.com/dani-garcia/vaultwarden/compare/1.33.0...1.33.1) #### General mention This release has some minor issues fixed like: - Icon's not working on the Desktop clients - Invites not always working - DUO settings not able to configure - Manager rights - Mobile client sync issues fixed #### What's Changed - hide already approved (or declined) auth_requests by [@​stefan0xC](https://redirect.github.com/stefan0xC) in [https://github.com/dani-garcia/vaultwarden/pull/5467](https://redirect.github.com/dani-garcia/vaultwarden/pull/5467) - let invited members access OrgMemberHeaders by [@​stefan0xC](https://redirect.github.com/stefan0xC) in [https://github.com/dani-garcia/vaultwarden/pull/5461](https://redirect.github.com/dani-garcia/vaultwarden/pull/5461) - Make sure the icons are displayed correctly in desktop clients by [@​WinLinux1028](https://redirect.github.com/WinLinux1028) in [https://github.com/dani-garcia/vaultwarden/pull/5469](https://redirect.github.com/dani-garcia/vaultwarden/pull/5469) - Fix passwordRevisionDate format by [@​BlackDex](https://redirect.github.com/BlackDex) in [https://github.com/dani-garcia/vaultwarden/pull/5477](https://redirect.github.com/dani-garcia/vaultwarden/pull/5477) - add and use new event types by [@​stefan0xC](https://redirect.github.com/stefan0xC) in [https://github.com/dani-garcia/vaultwarden/pull/5482](https://redirect.github.com/dani-garcia/vaultwarden/pull/5482) - Fix Duo Field Names for Web Client by [@​ratiner](https://redirect.github.com/ratiner) in [https://github.com/dani-garcia/vaultwarden/pull/5491](https://redirect.github.com/dani-garcia/vaultwarden/pull/5491) - Allow all manager to create collections again by [@​BlackDex](https://redirect.github.com/BlackDex) in [https://github.com/dani-garcia/vaultwarden/pull/5488](https://redirect.github.com/dani-garcia/vaultwarden/pull/5488) - Update Rust to 1.84.1 by [@​dfunkt](https://redirect.github.com/dfunkt) in [https://github.com/dani-garcia/vaultwarden/pull/5508](https://redirect.github.com/dani-garcia/vaultwarden/pull/5508) #### New Contributors - [@​WinLinux1028](https://redirect.github.com/WinLinux1028) made their first contribution in [https://github.com/dani-garcia/vaultwarden/pull/5469](https://redirect.github.com/dani-garcia/vaultwarden/pull/5469) - [@​ratiner](https://redirect.github.com/ratiner) made their first contribution in [https://github.com/dani-garcia/vaultwarden/pull/5491](https://redirect.github.com/dani-garcia/vaultwarden/pull/5491) **Full Changelog**: dani-garcia/vaultwarden@1.33.0...1.33.1 ### [`v1.33.0`](https://redirect.github.com/dani-garcia/vaultwarden/releases/tag/1.33.0) [Compare Source](https://redirect.github.com/dani-garcia/vaultwarden/compare/1.32.7...1.33.0) #### Security Fixes This release contains security fixes for the following advisories. And we strongly advice to update as soon as possible. - [GHSA-f7r5-w49x-gxm3](https://redirect.github.com/dani-garcia/vaultwarden/security/advisories/GHSA-f7r5-w49x-gxm3) This vulnerability is only possible if you do not have an `ADMIN_TOKEN` configured and open links or pages you should not trust anyway. Ensure you have an `ADMIN_TOKEN` configured to keep your admin environment save. - [GHSA-h6cc-rc6q-23j4](https://redirect.github.com/dani-garcia/vaultwarden/security/advisories/GHSA-h6cc-rc6q-23j4) This vulnerability is only possible if someone was able to gain access to your Vaultwarden Admin Backend. The attacker could then change some settings to use sendmail as mail agent but adjust the settings in such a way that it would use a shell command. It then also needed to craft a special favicon image which would have the commands embedded to run during for example sending a test email. - [GHSA-j4h8-vch3-f797](https://redirect.github.com/dani-garcia/vaultwarden/security/advisories/GHSA-j4h8-vch3-f797) This vulnerability affects all users who have multiple Organizations and users which are able to create a new organization or have admin or owner rights on at least one organization. The attacker does need to know the Organization UUID of the Organization it want's to attack or compromise though. #### Notable changes - Updated web-vault to v2025.1.1 - Added partial *manage* role support for collections - Manager role is converted to a Custom role with either Manage All Collections or per collection. Admins and Owners probably want to check and verify if the rights are still correct. - The OCI containers and binaries are *signed* via [GitHub Attestations](https://docs.github.com/en/actions/security-for-github-actions/using-artifact-attestations/using-artifact-attestations-to-establish-provenance-for-builds#verifying-artifact-attestations-with-the-github-cli) This allows you to verify an OCI image or even the `vaultwarden` binary located within the OCI image. These vulnerabilities affects #### What's Changed - Add `inline-menu-positioning-improvements` feature flag by [@​Ephemera42](https://redirect.github.com/Ephemera42) in [https://github.com/dani-garcia/vaultwarden/pull/5313](https://redirect.github.com/dani-garcia/vaultwarden/pull/5313) - Fix issues when uri match is a string by [@​BlackDex](https://redirect.github.com/BlackDex) in [https://github.com/dani-garcia/vaultwarden/pull/5332](https://redirect.github.com/dani-garcia/vaultwarden/pull/5332) - Add TOTP delete endpoint by [@​Timshel](https://redirect.github.com/Timshel) in [https://github.com/dani-garcia/vaultwarden/pull/5327](https://redirect.github.com/dani-garcia/vaultwarden/pull/5327) - fix group issue in send_invite by [@​stefan0xC](https://redirect.github.com/stefan0xC) in [https://github.com/dani-garcia/vaultwarden/pull/5321](https://redirect.github.com/dani-garcia/vaultwarden/pull/5321) - Update crates and GHA by [@​BlackDex](https://redirect.github.com/BlackDex) in [https://github.com/dani-garcia/vaultwarden/pull/5346](https://redirect.github.com/dani-garcia/vaultwarden/pull/5346) - Refactor the uri match fix and fix ssh-key sync by [@​BlackDex](https://redirect.github.com/BlackDex) in [https://github.com/dani-garcia/vaultwarden/pull/5339](https://redirect.github.com/dani-garcia/vaultwarden/pull/5339) - Add partial role support for manager only using web-vault v2024.12.0 by [@​BlackDex](https://redirect.github.com/BlackDex) in [https://github.com/dani-garcia/vaultwarden/pull/5219](https://redirect.github.com/dani-garcia/vaultwarden/pull/5219) - Fix issue with key-rotate by [@​BlackDex](https://redirect.github.com/BlackDex) in [https://github.com/dani-garcia/vaultwarden/pull/5348](https://redirect.github.com/dani-garcia/vaultwarden/pull/5348) - fix manager role in admin users overview by [@​stefan0xC](https://redirect.github.com/stefan0xC) in [https://github.com/dani-garcia/vaultwarden/pull/5359](https://redirect.github.com/dani-garcia/vaultwarden/pull/5359) - Prevent new users/members to be stored in db when invite fails by [@​BlackDex](https://redirect.github.com/BlackDex) in [https://github.com/dani-garcia/vaultwarden/pull/5350](https://redirect.github.com/dani-garcia/vaultwarden/pull/5350) - Update crates and web-vault to v2025.1.0 by [@​BlackDex](https://redirect.github.com/BlackDex) in [https://github.com/dani-garcia/vaultwarden/pull/5368](https://redirect.github.com/dani-garcia/vaultwarden/pull/5368) - Allow building with Rust v1.84.0 or newer by [@​BlackDex](https://redirect.github.com/BlackDex) in [https://github.com/dani-garcia/vaultwarden/pull/5371](https://redirect.github.com/dani-garcia/vaultwarden/pull/5371) - rename membership and adopt newtype pattern by [@​stefan0xC](https://redirect.github.com/stefan0xC) in [https://github.com/dani-garcia/vaultwarden/pull/5320](https://redirect.github.com/dani-garcia/vaultwarden/pull/5320) - build: raise msrv (1.83.0) rust toolchain (1.84.0) by [@​tessus](https://redirect.github.com/tessus) in [https://github.com/dani-garcia/vaultwarden/pull/5374](https://redirect.github.com/dani-garcia/vaultwarden/pull/5374) - Fix an issue with login with device by [@​BlackDex](https://redirect.github.com/BlackDex) in [https://github.com/dani-garcia/vaultwarden/pull/5379](https://redirect.github.com/dani-garcia/vaultwarden/pull/5379) - refactor: replace static with const for global constants by [@​Integral-Tech](https://redirect.github.com/Integral-Tech) in [https://github.com/dani-garcia/vaultwarden/pull/5260](https://redirect.github.com/dani-garcia/vaultwarden/pull/5260) - Add Attestations for containers and artifacts by [@​BlackDex](https://redirect.github.com/BlackDex) in [https://github.com/dani-garcia/vaultwarden/pull/5378](https://redirect.github.com/dani-garcia/vaultwarden/pull/5378) - Fix version detection on bake by [@​BlackDex](https://redirect.github.com/BlackDex) in [https://github.com/dani-garcia/vaultwarden/pull/5382](https://redirect.github.com/dani-garcia/vaultwarden/pull/5382) - Simplify container image attestation by [@​dfunkt](https://redirect.github.com/dfunkt) in [https://github.com/dani-garcia/vaultwarden/pull/5387](https://redirect.github.com/dani-garcia/vaultwarden/pull/5387) - improve admin invite by [@​stefan0xC](https://redirect.github.com/stefan0xC) in [https://github.com/dani-garcia/vaultwarden/pull/5403](https://redirect.github.com/dani-garcia/vaultwarden/pull/5403) - Add manage role for collections and groups by [@​BlackDex](https://redirect.github.com/BlackDex) in [https://github.com/dani-garcia/vaultwarden/pull/5386](https://redirect.github.com/dani-garcia/vaultwarden/pull/5386) - update web-vault to v2025.1.1 and add /api/devices by [@​stefan0xC](https://redirect.github.com/stefan0xC) in [https://github.com/dani-garcia/vaultwarden/pull/5422](https://redirect.github.com/dani-garcia/vaultwarden/pull/5422) - Security fixes by [@​BlackDex](https://redirect.github.com/BlackDex) in [https://github.com/dani-garcia/vaultwarden/pull/5438](https://redirect.github.com/dani-garcia/vaultwarden/pull/5438) - only validate SMTP_FROM if necessary by [@​stefan0xC](https://redirect.github.com/stefan0xC) in [https://github.com/dani-garcia/vaultwarden/pull/5442](https://redirect.github.com/dani-garcia/vaultwarden/pull/5442) #### New Contributors - [@​Ephemera42](https://redirect.github.com/Ephemera42) made their first contribution in [https://github.com/dani-garcia/vaultwarden/pull/5313](https://redirect.github.com/dani-garcia/vaultwarden/pull/5313) - [@​Integral-Tech](https://redirect.github.com/Integral-Tech) made their first contribution in [https://github.com/dani-garcia/vaultwarden/pull/5260](https://redirect.github.com/dani-garcia/vaultwarden/pull/5260) **Full Changelog**: dani-garcia/vaultwarden@1.32.7...1.33.0 </details> --- ### Configuration 📅 **Schedule**: Branch creation - "on saturday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about these updates again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/sp3nx0r/homelab). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4xMjUuMSIsInVwZGF0ZWRJblZlciI6IjM5LjE0NS4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL21pbm9yIl19--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
- Loading branch information
1 parent
eb7f6e5
commit b565fd0