Vaultwarden - Package Updates
-
[1.22.0]
- add checklist item about registration
-
[1.22.1]
- Update vaultwarden to 1.34.2
- Full Changelog
- Updated web vault to 2025.7.0
- Included experimental support for S3 file backend using OpenDAL. This currently requires compiling from source with the
s3feature flag, check https://github.com/dani-garcia/vaultwarden/pull/5626 for more details. - fix css to hide login with passkey by @stefan0xC in https://github.com/dani-garcia/vaultwarden/pull/5890
- fix css for locked screen by @stefan0xC in https://github.com/dani-garcia/vaultwarden/pull/5905
- Abstract persistent files through Apache OpenDAL by @txase in https://github.com/dani-garcia/vaultwarden/pull/5626
- Fix and improvements to password policies by @Timshel in https://github.com/dani-garcia/vaultwarden/pull/5923
- Update Alpine to version 3.22 by @dfunkt in https://github.com/dani-garcia/vaultwarden/pull/5938
- make css for login-page position independent by @stefan0xC in https://github.com/dani-garcia/vaultwarden/pull/5906
- allow signup for invited users by @stefan0xC in https://github.com/dani-garcia/vaultwarden/pull/5967
- fix account recovery withdrawal by @stefan0xC in https://github.com/dani-garcia/vaultwarden/pull/5968
-
[1.22.2]
- Update vaultwarden to 1.34.3
- Full Changelog
- Update crates to trigger rebuild for mysql issue by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/6111
- fix hiding of signup link by @stefan0xC in https://github.com/dani-garcia/vaultwarden/pull/6113
-
[1.23.0]
- Update vaultwarden to 1.35.0
- Full Changelog
- Implement support for SSO with OpenID Connect, https://github.com/dani-garcia/vaultwarden/wiki/Enabling-SSO-support-using-OpenId-Connect
- Updated web vault to 2025.12.0
- Added support for future mobile apps with versions 2026.1.0+
- Fix multi delete slowdown by @BlackDex in #6144
- Perform same checks when setting kdf by @Timshel in #6141
- SSO using OpenID Connect by @Timshel in #3899
- Delete SSO.md by @dani-garcia in #6152
- Update webauthn-rs to 0.5.x by @zUnixorn in #5934
- a little cleanup after SSO merge by @stefan0xC in #6153
- Fix link to point to the wiki by @Timshel in #6157
-
[1.23.1]
- Update vaultwarden to 1.35.1
- Full Changelog
- Fixed issue with applications being logged out after upgrading due to changes to refresh token parsing
- Updated web vault to 2025.12.1
- Correctly publish
alpinetag, which was missing in 1.35.0 - Re-add
alpinetag by @dfunkt in #6626 - Try old refresh token if we fail to decode jwt by @dani-garcia in #6629
-
[1.23.2]
- Update vaultwarden to 1.35.2
- Full Changelog
- update web-vault to fix org creation by @stefan0xC in #6646
- return no content with status code 204 by @stefan0xC in #6665
- allow MasterPasswordHash for Android by @stefan0xC in #6673
- improve sso callback path by @stefan0xC in #6676
- Fix web-vault version check and update web-vault by @BlackDex in #6686
-
[1.24.0]
- OIDC auth implemented
-
[1.24.1]
- Fix up postinstall and checklist
-
[1.24.3]
- Update vaultwarden to 1.35.4
- Full Changelog
- GHSA-w9f8-m526-h7fh. This vulnerability would allow an attacker to access a cipher from a different user (fully encrypted) if they already know its internal UUID.
- GHSA-h4hq-rgvh-wh27. This vulnerability allows an attacker with manager-level access within an organization to modify collections they can access, even if they do not have management permissions for them.
- GHSA-r32r-j5jq-3w4m. This vulnerability allows an attacker with manager-level access within an organization to modify collections they are not assigned.
- Update Rust and Crates and GHA by @BlackDex in #6843
- hide remember 2fa token by @stefan0xC in #6852
- fix(send_invite): invite links by @proofofcopilot in #6824
- Misc organization fixes by @BlackDex in #6867
-
P Package Updates locked this topic
-
[1.24.4]
- Update vaultwarden to 1.35.8
- Full Changelog
- Dummy org Master password policy auth fix by @Timshel in #7097
- Fix recovery-code not working by @BlackDex in #7102
- Fix invalid refresh token response by @BlackDex in #7105
- Fix 2FA for Android by @BlackDex in #7093
- Fix MFA Remember by @BlackDex in #7085
- GHSA-937x-3j8m-7w7p Unconfirmed Owner Can Purge Entire Organization Vault.
- GHSA-569v-845w-g82p Cross-Org Group Binding Enables Unauthorized Read And Write Access Into Another Organization
- GHSA-6j4w-g4jh-xjfx Refresh tokens not invalidated on security stamp rotation
- Two Factor Remember Tokens are now valid for max 30 days. Old tokens are invalid directly after upgrading.
- Rotate refresh-tokens on sstamp reset by @BlackDex in #7031
Hello! It looks like you're interested in this conversation, but you don't have an account yet.
Getting fed up of having to scroll through the same posts each visit? When you register for an account, you'll always come back to exactly where you were before, and choose to be notified of new replies (either via email, or push notification). You'll also be able to save bookmarks and upvote posts to show your appreciation to other community members.
With your input, this post could be even better 💗
Register Login