this post was submitted on 12 Aug 2024
257 points (99.2% liked)

Selfhosted

40006 readers
827 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

See this post from another website for more context.

Important: Make a backup first, at least one user mentioned the update breaking their install

A new version (1.32.0) of Vaultwarden is out with security fixes:

This release has several CVE Reports fixed and we recommend everybody to update to the latest version as soon as possible.

CVE-2024-39924 Fixed via #4715

CVE-2024-39925 Fixed via #4837

CVE-2024-39926 Fixed via #4737

Release page

top 25 comments
sorted by: hot top controversial new old
[–] JASN_DE@lemmy.world 36 points 2 months ago

Docker image is already updated.

[–] keyez@lemmy.world 12 points 2 months ago

Interesting the CVEs don't have information yet and didn't appear to affect bitwarden and it's containers. Haven't seen a security release from them since around March.

[–] N1ghtstalk3r@lemmy.world 9 points 2 months ago

Thanks for the post OP, updating my VaultWarden docker instance ASAP.

[–] synapse1278@lemmy.world 8 points 2 months ago

Watchtower took care of that for me 👍

[–] milan@discuss.tchncs.de 7 points 2 months ago

updated a little while ago due to this post.. as the release number is not a .1, i wasn't expecting this addressing cves. thanks :)

[–] Ptsf@lemmy.world 5 points 2 months ago

Thanks for the psa op

[–] Lemmling@lemm.ee 4 points 2 months ago* (last edited 2 months ago) (1 children)

this update broke my installation :(. I have not updated it in a while. Now I have to rollback until I fix this. Hope the backup will work. EDIT: It was the reverse proxy. Check the developer notes before updating.

[–] otter@lemmy.ca 3 points 2 months ago

I'll include a note in the post about making a backup first, sorry about that!

[–] slym@lemmy.ca 4 points 2 months ago
[–] sudneo@lemm.ee 4 points 2 months ago

Thanks for the head's up!

[–] dandroid@sh.itjust.works 3 points 2 months ago

sudo systemctl restart vaultwarden.service

Done. :)

Thanks for the heads up.