CVSROOT: /cvs
Module name: ports
Changes by: [email protected] 2026/02/24 13:03:15
Modified files:
security/vaultwarden: Makefile crates.inc distinfo
Log message:
Security update to vaultwarden-1.35.4
This release contains security fixes:
- GHSA-w9f8-m526-h7fh. This vulnerability would allow an attacker to
access a cipher from a different user (fully encrypted) if they
already know its internal UUID.
- GHSA-h4hq-rgvh-wh27. This vulnerability allows an attacker with
manager-level access within an organization to modify collections they
can access, even if they do not have management permissions for them.
- GHSA-r32r-j5jq-3w4m. This vulnerability allows an attacker with
manager-level access within an organization to modify collections they
are not assigned. These are private for now, pending CVE assignment.
Changes: https://github.com/dani-garcia/vaultwarden/releases/tag/1.35.4
