Vaultwarden - Package Updates
-
[1.16.5]
- Update Vaultwarden to 1.30.5
- Update web vault to 2024.1.2b
- Full changelog
- Update crates to fix new builds by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/4308
- Add Kubernetes environment detection by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/4290
- Update GHA Workflows by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/4309
- Update Rust, crates and web-vault by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/4328
- Change the codegen-units for low resources by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/4336
- Fix env templateto ensure compatibility with systemd's EnvironmentFile parsing by @seiuneko in https://github.com/dani-garcia/vaultwarden/pull/4315
- Update crates, GHA and a Python script by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/4357
- fix: web API call for jquery 3.7.1 by @calvin-li-developer in https://github.com/dani-garcia/vaultwarden/pull/4400
-
[1.17.0]
- Update Vaultwarden to 1.31.0
- Full changelog
- Initial support for the beta releases of the new native mobile apps
- Removed support for WebSocket traffic on port 3012, as it's been integrated on the main HTTP port for a few releases
- Updated included web vault to 2024.5.1
-
[1.18.0]
- Update Vaultwarden to 1.32.0
- Full changelog
- CVE-2024-39924 Fixed via #4715
- CVE-2024-39925 Fixed via #4837
- CVE-2024-39926 Fixed via #4737
- Updated web-vault to v2024.6.2
- Fixed issues with password reset enrollment by rolling back a web-vault commit
-
[1.18.1]
- Update Vaultwarden to 1.32.1
- Full changelog
- Fixed syncing/login with native mobile clients
- Added CLI option to backup SQLite database
- Email Template changes regarding invites, 2FA Incomplete logins, and new logins
-
[1.18.2]
- Update Vaultwarden to 1.32.2
- Full changelog
- Fixed collection management for managers
- Fix compiling for Windows targets by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/5053
- Updates and collection management fixes by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/5072
- Fix --version from failing without config by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/5055
-
[1.18.3]
- Update Vaultwarden to 1.32.3
- Full changelog
- Email template for org invites was updated again. The URL got HTML Encoded which resulted in a sometimes non-working URL (#5100)
- Fixed SMTP issues with some providers which send erroneous response to QUIT messages (Like QQ) (Thanks to @paolobarbolini)
- Fixed a long standing collection management issue where collections were not able to be managed via the Password Manager overview
-
[1.18.4]
- Update vaultwarden to 1.32.4
- Full Changelog
- Added more compatibility fixes for the native mobile apps, datetimes are now formatted without too many decimals.
- Email Template changes to the send emergency access invite. If you have modified this template, make sure to update it with the new changes.
- Update README by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/5153
-
[1.18.5]
- Update vaultwarden to 1.32.5
- Full Changelog
- Added SSH-Key storage support. Currently only usable with Bitwarden Desktop v2024.12.0 and newer.
- Fix if logic error by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/5171
- More authrequest fixes by @dani-garcia in https://github.com/dani-garcia/vaultwarden/pull/5176
- Add dynamic CSS support by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/4940
- fix hibp username encoding and pw hint check by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/5180
- Remove auth-request deletion by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/5184
- fix password hint check by @stefan0xC in https://github.com/dani-garcia/vaultwarden/pull/5189
-
[1.18.5]
- Update vaultwarden to 1.32.5
- Full Changelog
- Added SSH-Key storage support. Currently only usable with Bitwarden Desktop v2024.12.0 and newer.
- Fix if logic error by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/5171
- More authrequest fixes by @dani-garcia in https://github.com/dani-garcia/vaultwarden/pull/5176
- Add dynamic CSS support by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/4940
- fix hibp username encoding and pw hint check by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/5180
- Remove auth-request deletion by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/5184
- fix password hint check by @stefan0xC in https://github.com/dani-garcia/vaultwarden/pull/5189
@Package-Updates This update is very important! It fixes a CVE
From the Github directly:
This release further fixed some CVE Reports reported by a third party security auditor and we recommend everybody to update to the latest version as soon as possible. The contents of these reports will be disclosed publicly in the future. -
[1.18.6]
- Update vaultwarden to 1.32.6
- Full Changelog
- Fix push not working by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/5214
- Fix editing members which have access-all rights by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/5213
- Update Rust and crates by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/5248
- Update Alpine to version 3.21 by @dfunkt in https://github.com/dani-garcia/vaultwarden/pull/5256
- Fix another sync issue with native clients by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/5259
- Update crates by @dfunkt in https://github.com/dani-garcia/vaultwarden/pull/5268
- Some Backend Admin fixes and updates by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/5272
- @chuangjinglu made their first contribution in https://github.com/dani-garcia/vaultwarden/pull/5224
-
[1.18.7]
- Update vaultwarden to 1.32.7
- Full Changelog
- feat: mask _smtp_img_src in support string by @tessus in https://github.com/dani-garcia/vaultwarden/pull/5281
- Some refactoring, optimizations and security fixes by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/5291
- Allow adding connect-src entries by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/5293
- Use updated fern instead of patch by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/5298
-
[1.19.0]
- Update vaultwarden to 1.33.0
- Full Changelog
- GHSA-f7r5-w49x-gxm3
- GHSA-h6cc-rc6q-23j4
- GHSA-j4h8-vch3-f797
- Updated web-vault to v2025.1.1
- Added partial manage role support for collections
- Manager role is converted to a Custom role with either Manage All Collections or per collection.
- The OCI containers and binaries are signed via GitHub Attestations
- Add
inline-menu-positioning-improvementsfeature flag by @Ephemera42 in https://github.com/dani-garcia/vaultwarden/pull/5313 - Fix issues when uri match is a string by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/5332
- Add TOTP delete endpoint by @Timshel in https://github.com/dani-garcia/vaultwarden/pull/5327
- fix group issue in send_invite by @stefan0xC in https://github.com/dani-garcia/vaultwarden/pull/5321
- Update crates and GHA by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/5346
- Refactor the uri match fix and fix ssh-key sync by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/5339
- Add partial role support for manager only using web-vault v2024.12.0 by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/5219
- Fix issue with key-rotate by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/5348
- fix manager role in admin users overview by @stefan0xC in https://github.com/dani-garcia/vaultwarden/pull/5359
- Prevent new users/members to be stored in db when invite fails by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/5350
- Update crates and web-vault to v2025.1.0 by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/5368
- Allow building with Rust v1.84.0 or newer by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/5371
- rename membership and adopt newtype pattern by @stefan0xC in https://github.com/dani-garcia/vaultwarden/pull/5320
- build: raise msrv (1.83.0) rust toolchain (1.84.0) by @tessus in https://github.com/dani-garcia/vaultwarden/pull/5374
- Fix an issue with login with device by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/5379
- refactor: replace static with const for global constants by @Integral-Tech in https://github.com/dani-garcia/vaultwarden/pull/5260
- Add Attestations for containers and artifacts by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/5378
- Fix version detection on bake by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/5382
- Simplify container image attestation by @dfunkt in https://github.com/dani-garcia/vaultwarden/pull/5387
- improve admin invite by @stefan0xC in https://github.com/dani-garcia/vaultwarden/pull/5403
- Add manage role for collections and groups by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/5386
- update web-vault to v2025.1.1 and add /api/devices by @stefan0xC in https://github.com/dani-garcia/vaultwarden/pull/5422
- Security fixes by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/5438
- only validate SMTP_FROM if necessary by @stefan0xC in https://github.com/dani-garcia/vaultwarden/pull/5442
-
[1.19.1]
- Update vaultwarden to 1.33.1
- Full Changelog
- Icon's not working on the Desktop clients
- Invites not always working
- DUO settings not able to configure
- Manager rights
- Mobile client sync issues fixed
- hide already approved (or declined) auth_requests by @stefan0xC in https://github.com/dani-garcia/vaultwarden/pull/5467
- let invited members access OrgMemberHeaders by @stefan0xC in https://github.com/dani-garcia/vaultwarden/pull/5461
- Make sure the icons are displayed correctly in desktop clients by @WinLinux1028 in https://github.com/dani-garcia/vaultwarden/pull/5469
- Fix passwordRevisionDate format by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/5477
- add and use new event types by @stefan0xC in https://github.com/dani-garcia/vaultwarden/pull/5482
- Fix Duo Field Names for Web Client by @ratiner in https://github.com/dani-garcia/vaultwarden/pull/5491
- Allow all manager to create collections again by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/5488
- Update Rust to 1.84.1 by @dfunkt in https://github.com/dani-garcia/vaultwarden/pull/5508
- @WinLinux1028 made their first contribution in https://github.com/dani-garcia/vaultwarden/pull/5469
- @ratiner made their first contribution in https://github.com/dani-garcia/vaultwarden/pull/5491
-
[1.19.2]
- Update vaultwarden to 1.33.2
- Full Changelog
- Update workflows and enhance security by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/5537
- Update crates & fix CVE-2025-24898 by @dfunkt in https://github.com/dani-garcia/vaultwarden/pull/5538
- add bulk-access endpoint for collections by @stefan0xC in https://github.com/dani-garcia/vaultwarden/pull/5542
- Fix icon redirect not working on desktop by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/5536
- Show assigned collections on member edit by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/5556
-
[1.20.0]
- Remove apache
- Update base image to 5.0.0
-
[1.21.0]
- Update vaultwarden to 1.34.1
- Full Changelog
- Fix admin diagnostics crash by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/5886
- Updated web-vault to v2025.5.0
- Implemented new registration flow with email verification
- Added support for some feature flags (mutual TLS, attachment export, AnonAddy/SimpleLogin self host)
- Update crates & fix CVE-2025-25188 by @dfunkt in https://github.com/dani-garcia/vaultwarden/pull/5576
- Fix db issues with Option<> values and upd crates by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/5594
- allow CLI to upload send files with truncated filenames by @stefan0xC in https://github.com/dani-garcia/vaultwarden/pull/5618
- Update Rust to 1.85.0 by @dfunkt in https://github.com/dani-garcia/vaultwarden/pull/5634
- Use subtle to replace deprecated ring::constant_time::verify_slices_are_equal by @Timshel in https://github.com/dani-garcia/vaultwarden/pull/5680
- Add support for mutual-tls feature flag by @bennettmsherman in https://github.com/dani-garcia/vaultwarden/pull/5698
-
[1.22.0]
- add checklist item about registration
-
[1.22.1]
- Update vaultwarden to 1.34.2
- Full Changelog
- Updated web vault to 2025.7.0
- Included experimental support for S3 file backend using OpenDAL. This currently requires compiling from source with the
s3feature flag, check https://github.com/dani-garcia/vaultwarden/pull/5626 for more details. - fix css to hide login with passkey by @stefan0xC in https://github.com/dani-garcia/vaultwarden/pull/5890
- fix css for locked screen by @stefan0xC in https://github.com/dani-garcia/vaultwarden/pull/5905
- Abstract persistent files through Apache OpenDAL by @txase in https://github.com/dani-garcia/vaultwarden/pull/5626
- Fix and improvements to password policies by @Timshel in https://github.com/dani-garcia/vaultwarden/pull/5923
- Update Alpine to version 3.22 by @dfunkt in https://github.com/dani-garcia/vaultwarden/pull/5938
- make css for login-page position independent by @stefan0xC in https://github.com/dani-garcia/vaultwarden/pull/5906
- allow signup for invited users by @stefan0xC in https://github.com/dani-garcia/vaultwarden/pull/5967
- fix account recovery withdrawal by @stefan0xC in https://github.com/dani-garcia/vaultwarden/pull/5968
