Releases: rucio/containers
Releases · rucio/containers
Rucio 35.8.2 LTS patch release
ui: downgrade setuptools to 53.0.0-13.el9_6.1 instead of uninstalling…
Rucio 39.2.0 minor release
webui: apply dowgrade setuptools workaround
Rucio 39.1.0 minor release
webui: apply dowgrade setuptools workaround
Rucio WebUI 39.3.0
What's Changed
Security Updates
- fix(packages): bump react to 19.2.4 and nextjs to 15.5.11 by @maany in rucio/webui#693
- fix(packages): upgrade packages with critical downstream vulnerabilities by @maany in rucio/webui#695
Security Advisory
Important: Docker containers for Rucio WebUI versions 38.2.0, 38.2.1, and 38.2.2 shipped with vulnerable downstream dependencies. Users running these versions should upgrade immediately.
Critical Vulnerabilities Addressed
| Vulnerability | Affected Versions | Severity |
|---|---|---|
| react2shell CVE-2025-55182, CVE-2025-66478 | 38.2.0, 38.2.1 | Critical |
| cipher-base, sha.js, pbkdf2 | 38.2.x | Critical |
| elliptic (ECDSA/EDDSA signatures) | 38.2.x | Critical |
Recommendation
All users are strongly encouraged to upgrade to v38.3.0 or later immediately.
Full Changelog: rucio/webui@38.2.0...38.3.0
Contributors
maany
Assets 2
Rucio WebUI 39.2.0
Rucio WebUI 39.1.1
What's Changed
Rucio WebUI 39.1.0
What's Changed
Containers
WebUI
Contributors
maany