[rpms/vaultwarden-web] rawhide: update to 2026.4.1 rhbz#2387335

public inbox for git-commits@fedoraproject.org
help / color / mirror / Atom feed

From: Jonathan Wright <jonathan@almalinux.org>
To: git-commits@fedoraproject.org
Subject: [rpms/vaultwarden-web] rawhide: update to 2026.4.1 rhbz#2387335
Date: Wed, 03 Jun 2026 12:54:31 GMT	[thread overview]
Message-ID: <178049127180.1.7786859444637260083.rpms-vaultwarden-web-739afb748cf9@fedoraproject.org> (raw)

A new commit has been pushed.

Repo   : rpms/vaultwarden-web
Branch : rawhide
Commit : 739afb748cf9d6250f7bc475f68e2abdb757a9fb
Author : Jonathan Wright <jonathan@almalinux.org>
Date   : 2026-06-03T07:45:38-05:00
Stats  : +22/-9 in 3 file(s)
URL    : https://src.fedoraproject.org/rpms/vaultwarden-web/c/739afb748cf9d6250f7bc475f68e2abdb757a9fb?branch=rawhide

Log:
update to 2026.4.1 rhbz#2387335

---
diff --git a/.gitignore b/.gitignore
index 8331170..d851b6f 100644
--- a/.gitignore
+++ b/.gitignore
@@ -5,3 +5,4 @@
 /bw_web_v2024.6.2c.tar.gz
 /bw_web_v2025.1.1.tar.gz
 /bw_web_v2025.7.0.tar.gz
+/bw_web_v2026.4.1.tar.gz

diff --git a/sources b/sources
index fb11ad8..b4ee07f 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (bw_web_v2025.7.0.tar.gz) = 4dd8ae30f06e18d2748605a685543f7d0a9af7a8c87171dab5c81a9faa2cfa207935dfbd098be2b4fde2fc4b7878c92e2efebaf4112acd61e44c04e3bc6a5cca
+SHA512 (bw_web_v2026.4.1.tar.gz) = 804e2031f062f90ff58fac90eeb4f07043367c96f1fd5acf0eaafa0b2b9a6240cca97e2ff9438a3fa160aac54e19febed83ef7e236aca6c43465ae698da3931a

diff --git a/vaultwarden-web.spec b/vaultwarden-web.spec
index 6aebfd9..759eb1c 100644
--- a/vaultwarden-web.spec
+++ b/vaultwarden-web.spec
@@ -1,6 +1,6 @@
 Name:           vaultwarden-web
-Version:        2025.7.0
-Release:        2%{?dist}
+Version:        2026.4.1
+Release:        1%{?dist}
 Summary:        Web vault for vaultwarden
 
 License:        GPL-3.0-only AND MIT AND BSD-3-Clause AND (MIT OR GPL-3.0-only)
@@ -11,15 +11,21 @@ Source1:        LICENSE.txt
 BuildArch:      noarch
 
 # these are all included static js libs
+Provides:       bundled(npm(@bitwarden/sdk-internal)) = 0.2.0~main.622
+Provides:       bundled(npm(angular)) = 20.3.18
+Provides:       bundled(npm(base64-js)) = 1.5.1
+Provides:       bundled(npm(big-integer)) = 1.6.52
 Provides:       bundled(npm(buffer)) = 6.0.3
+Provides:       bundled(npm(core-js)) = 3.48.0
+Provides:       bundled(npm(crypto-js)) = 4.2.0
+Provides:       bundled(npm(ieee754)) = 1.2.1
 Provides:       bundled(npm(jszip)) = 3.10.1
-Provides:       bundled(npm(papaparse)) = 5.4.1
 Provides:       bundled(npm(lunr)) = 2.3.9
-Provides:       bundled(npm(bootstrap) = 4.6.0
-Provides:       bundled(npm(jquery)) = 3.7.1
-Provides:       bundled(npm(ieee754))
-Provides:       bundled(npm(popper.js)) = 1.16.1
+Provides:       bundled(npm(node-forge)) = 1.3.2
+Provides:       bundled(npm(pako)) = 1.0.11
+Provides:       bundled(npm(papaparse)) = 5.5.3
 Provides:       bundled(npm(qrious)) = 4.0.2
+Provides:       bundled(npm(zone.js)) = 0.15.1
 
 
 %description
@@ -46,13 +52,19 @@ install -pm644 %{SOURCE1} %{_builddir}/web-vault/
 
 %files
 %license LICENSE.txt
-%license *.js.LICENSE.txt
 %license app/*.js.LICENSE.txt
 %license scripts/*.js.LICENSE.txt
 %{_datadir}/%{name}/
 
 
 %changelog
+* Wed Jun 03 2026 Jonathan Wright <jonathan@almalinux.org> - 2026.4.1-1
+- update to 2026.4.1 rhbz#2387335
+- Fixes CVE-2026-27803 Unauthorized collection management operations due to improper access control
+- Fixes CVE-2026-27801 Two-factor authentication bypass allows unauthorized access and data deletion
+- Fixes CVE-2026-27802 Privilege Escalation via Unauthorized Bulk Permission Update
+- Fixes CVE-2026-27898 Information disclosure via API partial update
+
 * Sat Jan 17 2026 Fedora Release Engineering <releng@fedoraproject.org> - 2025.7.0-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild

                 reply	other threads:[~2026-06-03 12:54 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=178049127180.1.7786859444637260083.rpms-vaultwarden-web-739afb748cf9@fedoraproject.org \
    --to=jonathan@almalinux.org \
    --cc=git-commits@fedoraproject.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox