Skip to content

Rackula

v0.9.5 Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 19d Virtualization
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →
This release patches 1 known CVE

Topics

av-rack capacity-planning dcim drag-and-drop self-hosted netbox
+10 more
network-infrastructure rack rack-diagram rack-layout self-host server-rack svelte sysadmin typescript visualization

Affected surfaces

crypto_tls deps

Summary

AI summary

Patched CVE-2026-31789 (OpenSSL heap buffer overflow) and cleared 7 related HIGH Alpine CVEs blocking prod deployment.

Changes in this release

Security Medium

Patched Alpine packages to resolve CVE-2026-31789 and clear 7 related HIGH CVEs

Patched Alpine packages to resolve CVE-2026-31789 and clear 7 related HIGH CVEs

Source: llm_adapter@2026-05-21

Confidence: low
Feature Medium

Added FS.COM brand pack with 4 switches and 4 missing Netgear models

Added FS.COM brand pack with 4 switches and 4 missing Netgear models

Source: llm_adapter@2026-05-21

Confidence: high
Dependency Medium

Upgraded TypeScript to 6.0.3, Svelte to 5.55.7, kysely to 0.28.17, and bumped @types/node, fast-uri, etc.

Upgraded TypeScript to 6.0.3, Svelte to 5.55.7, kysely to 0.28.17, and bumped @types/node, fast-uri, etc.

Source: llm_adapter@2026-05-21

Confidence: low
Bugfix Medium

Fixed Claude code review workflow on fork PRs

Fixed Claude code review workflow on fork PRs

Source: llm_adapter@2026-05-21

Confidence: high
Full changelog

Added

  • FS.COM brand pack with 4 switches (S8050-20Q4C, S5850-32S2Q, S5850-24S2Q, S3410-10TF-P) and 4 missing Netgear models (XSM7224S, GS752TXS, M4350-32F8V, M4350-24X8F8V) — first-time contribution from @churtado-tech (#1662)

Fixed

  • Claude code review workflow on fork PRs — use then revert to with fork skip (#1669, PR #1670, PR #1671)
  • Code quality findings from CodeQL/Copilot analysis (#1639, #1640)

Security

  • Patch Alpine packages in api Dockerfile to resolve CVE-2026-31789 (OpenSSL heap buffer overflow) and clear 7 related Alpine HIGH CVEs blocking the prod deploy gate (#1672)

Technical

  • TypeScript 5.9.3 → 6.0.3 (#1635)
  • Svelte 5.55.5 → 5.55.7 (#1667)
  • kysely 0.28.14 → 0.28.17 in /api (#1654)
  • Update CodeQL action version and exit code
  • VPS migration research documentation
  • Dependency bumps: @types/node, fast-uri, @eslint/compat, @vitest/eslint-plugin, typescript-eslint, and production/development dependency groups

Security Fixes

  • CVE-2026-31789 — OpenSSL heap buffer overflow patched in api Dockerfile; cleared 7 related Alpine HIGH CVEs
View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track Rackula

Get notified when new releases ship.

Sign up free

About Rackula

Open-source drag-and-drop rack layout designer

All releases →

Related context

Related CVEs

Earlier breaking changes

  • v26.5.0 Migrated from SemVer to CalVer versioning scheme

Beta — feedback welcome: [email protected]