OpenTalk v25.3.0+security-patch.1
Release notes
This release addresses these CVEs found in the container images:
- Out-of-bounds read & write in RFC 3211 KEK Unwrap - (CVE-2025-9230)
- Out-of-bounds read in HTTP client no_proxy handling - (CVE-2025-9232)
Component versions
| Category | Component | Version |
|---|---|---|
| Frontend | web-frontend | v2.6.2-1 |
| Services | controller | v0.31.0-3 |
| Services | obelisk | v0.20.3-2 |
| Services | recorder | v0.15.1-1 |
| Services | smtp-mailer | v0.15.0-2 |
| Integrations | outlook-add-in | v0.2.6-1 |
| Documentation | ot-setup | v25.3.0-2 |
| 3rd-Party Components | ot-spacedeck | v2.0.2-1 |
| 3rd-Party Components | ot-etherpad | v2.0.1-1 |
| 3rd-Party Components | livekit-server | v1.9.0 |
| 3rd-Party Components | keycloak | v26.3.2 |
| 3rd-Party Components | postgres | v16.10.0 |
| 3rd-Party Components | rabbitmq | v4.1.2 |
| 3rd-Party Components | redis | v8.0.3 |
| 3rd-Party Components | minio | RELEASE.2025-06-13T11-33-47Z |
Generation of this document was supported by retoki.