Skip to content

v0.2.1 - Security Patch Release

Choose a tag to compare

@davidamacey davidamacey released this 13 Dec 14:55

Security Patch Release

This release addresses critical container vulnerabilities identified in security scans. All users are encouraged to update.

Resolved Critical CVEs (4 → 0)

CVE Package Severity Status
CVE-2025-47917 libmbedcrypto CRITICAL ✅ Fixed
CVE-2023-6879 libaom3 CRITICAL ✅ Fixed
CVE-2025-7458 libsqlite3 CRITICAL ✅ Fixed
CVE-2023-45853 zlib CRITICAL ✅ Fixed

Container Updates

Frontend:

  • nginx:1.29.3-alpine3.22nginx:1.29.4-alpine3.23
  • Fixed 6 vulnerabilities (3 HIGH, 3 MEDIUM) in libpng and busybox
  • Added HEALTHCHECK instruction

Backend:

  • python:3.12-slim-bookwormpython:3.13-slim-trixie
  • Debian 12 → Debian 13 "trixie"
  • Python 3.12 → Python 3.13
  • Added HEALTHCHECK instruction

How to Update

Docker Compose:

docker compose pull
docker compose up -d

Manual:

docker pull davidamacey/opentranscribe-frontend:v0.2.1
docker pull davidamacey/opentranscribe-backend:v0.2.1

Full Changelog

See CHANGELOG.md for complete details.


🔒 Your security is our priority. Thank you for using OpenTranscribe.