OpenTalk v25.2.2+security-patch.1
Release notes
This release addresses these CVEs found in the container images:
- Out-of-bounds read & write in RFC 3211 KEK Unwrap - (CVE-2025-9230)
- Out-of-bounds read in HTTP client no_proxy handling - (CVE-2025-9232)
Component versions
| Category | Component | Version |
|---|---|---|
| Frontend | web-frontend | v2.5.6-1 |
| Services | controller | v0.30.3-3 |
| Services | obelisk | v0.20.3-2 |
| Services | recorder | v0.15.1-1 |
| Services | smtp-mailer | v0.14.0-2 |
| Integrations | outlook-add-in | v0.2.1-1 |
| Documentation | ot-setup | v25.2.2-2 |
| 3rd-Party Components | ot-spacedeck | v2.0.1-1 |
| 3rd-Party Components | ot-etherpad | v2.0.0-1 |
| 3rd-Party Components | livekit-server | v1.8.4 |
| 3rd-Party Components | keycloak | v20.0.5 |
| 3rd-Party Components | postgres | v15.12.0 |
| 3rd-Party Components | rabbitmq | v3.13.7 |
| 3rd-Party Components | redis | v7.4.6 |
| 3rd-Party Components | minio | RELEASE.2025-02-28T09-55-16Z |
redis v7.4.6
Generation of this document was supported by retoki.