Vaultwarden - Package Updates

Package Updates

[1.19.1]

Update vaultwarden to 1.33.1
Full Changelog
Icon's not working on the Desktop clients
Invites not always working
DUO settings not able to configure
Manager rights
Mobile client sync issues fixed
hide already approved (or declined) auth_requests by @stefan0xC in https://github.com/dani-garcia/vaultwarden/pull/5467
let invited members access OrgMemberHeaders by @stefan0xC in https://github.com/dani-garcia/vaultwarden/pull/5461
Make sure the icons are displayed correctly in desktop clients by @WinLinux1028 in https://github.com/dani-garcia/vaultwarden/pull/5469
Fix passwordRevisionDate format by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/5477
add and use new event types by @stefan0xC in https://github.com/dani-garcia/vaultwarden/pull/5482
Fix Duo Field Names for Web Client by @ratiner in https://github.com/dani-garcia/vaultwarden/pull/5491
Allow all manager to create collections again by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/5488
Update Rust to 1.84.1 by @dfunkt in https://github.com/dani-garcia/vaultwarden/pull/5508
@WinLinux1028 made their first contribution in https://github.com/dani-garcia/vaultwarden/pull/5469
@ratiner made their first contribution in https://github.com/dani-garcia/vaultwarden/pull/5491

Package Updates

[1.19.2]

Package Updates

[1.20.0]

Package Updates

[1.21.0]

Update vaultwarden to 1.34.1
Full Changelog
Fix admin diagnostics crash by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/5886
Updated web-vault to v2025.5.0
Implemented new registration flow with email verification
Added support for some feature flags (mutual TLS, attachment export, AnonAddy/SimpleLogin self host)
Update crates & fix CVE-2025-25188 by @dfunkt in https://github.com/dani-garcia/vaultwarden/pull/5576
Fix db issues with Option<> values and upd crates by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/5594
allow CLI to upload send files with truncated filenames by @stefan0xC in https://github.com/dani-garcia/vaultwarden/pull/5618
Update Rust to 1.85.0 by @dfunkt in https://github.com/dani-garcia/vaultwarden/pull/5634
Use subtle to replace deprecated ring::constant_time::verify_slices_are_equal by @Timshel in https://github.com/dani-garcia/vaultwarden/pull/5680
Add support for mutual-tls feature flag by @bennettmsherman in https://github.com/dani-garcia/vaultwarden/pull/5698

Package Updates

[1.22.0]

Package Updates

[1.22.1]

Update vaultwarden to 1.34.2
Full Changelog
Updated web vault to 2025.7.0
Included experimental support for S3 file backend using OpenDAL. This currently requires compiling from source with the s3 feature flag, check https://github.com/dani-garcia/vaultwarden/pull/5626 for more details.
fix css to hide login with passkey by @stefan0xC in https://github.com/dani-garcia/vaultwarden/pull/5890
fix css for locked screen by @stefan0xC in https://github.com/dani-garcia/vaultwarden/pull/5905
Abstract persistent files through Apache OpenDAL by @txase in https://github.com/dani-garcia/vaultwarden/pull/5626
Fix and improvements to password policies by @Timshel in https://github.com/dani-garcia/vaultwarden/pull/5923
Update Alpine to version 3.22 by @dfunkt in https://github.com/dani-garcia/vaultwarden/pull/5938
make css for login-page position independent by @stefan0xC in https://github.com/dani-garcia/vaultwarden/pull/5906
allow signup for invited users by @stefan0xC in https://github.com/dani-garcia/vaultwarden/pull/5967
fix account recovery withdrawal by @stefan0xC in https://github.com/dani-garcia/vaultwarden/pull/5968

Package Updates

[1.22.2]

Package Updates

[1.23.0]

Update vaultwarden to 1.35.0
Full Changelog
Implement support for SSO with OpenID Connect, https://github.com/dani-garcia/vaultwarden/wiki/Enabling-SSO-support-using-OpenId-Connect
Updated web vault to 2025.12.0
Added support for future mobile apps with versions 2026.1.0+
Fix multi delete slowdown by @BlackDex in #6144
Perform same checks when setting kdf by @Timshel in #6141
SSO using OpenID Connect by @Timshel in #3899
Delete SSO.md by @dani-garcia in #6152
Update webauthn-rs to 0.5.x by @zUnixorn in #5934
a little cleanup after SSO merge by @stefan0xC in #6153
Fix link to point to the wiki by @Timshel in #6157

Package Updates

[1.23.1]

Update vaultwarden to 1.35.1
Full Changelog
Fixed issue with applications being logged out after upgrading due to changes to refresh token parsing
Updated web vault to 2025.12.1
Correctly publish alpine tag, which was missing in 1.35.0
Re-add alpine tag by @dfunkt in #6626
Try old refresh token if we fail to decode jwt by @dani-garcia in #6629

Package Updates

[1.23.2]

Package Updates

[1.24.0]

Package Updates

[1.24.1]

Package Updates

[1.24.3]

Update vaultwarden to 1.35.4
Full Changelog
GHSA-w9f8-m526-h7fh. This vulnerability would allow an attacker to access a cipher from a different user (fully encrypted) if they already know its internal UUID.
GHSA-h4hq-rgvh-wh27. This vulnerability allows an attacker with manager-level access within an organization to modify collections they can access, even if they do not have management permissions for them.
GHSA-r32r-j5jq-3w4m. This vulnerability allows an attacker with manager-level access within an organization to modify collections they are not assigned.
Update Rust and Crates and GHA by @BlackDex in #6843
hide remember 2fa token by @stefan0xC in #6852
fix(send_invite): invite links by @proofofcopilot in #6824
Misc organization fixes by @BlackDex in #6867

Cloudron Forum