Merge pull request #361 from Sharpie/openbolt-560

Sharpie · web-flow · commit a28e3a2e3bf5 · 2026-06-22T16:11:35.000-05:00
OpenBolt 5.6.0 + CVE fix lists
diff --git a/docs/_openbolt_5x/release_notes.md b/docs/_openbolt_5x/release_notes.md
@@ -5,18 +5,79 @@ title: OpenBolt release notes
 
 This page documents the history of the OpenBolt 5.x series.
 
+## OpenBolt 5.6.0
+
+Released on June 17, 2026
+
+Please check the [GitHub OpenBolt release page](https://github.com/OpenVoxProject/openbolt/releases/tag/5.6.0) for details on new features or bug fixes.
+
+### Security Issues Resolved in 5.6.0
+
+| Identifier                                                        | CVSS 3.1 Score | Resolved By                         |
+| :---------------------------------------------------------------- | :------------: | :---------------------------------- |
+| [CVE-2026-41316](https://nvd.nist.gov/vuln/detail/CVE-2026-41316) |       8.1      | `pkg:gem/erb@4.0.3.1`               |
+| [CVE-2026-33637](https://nvd.nist.gov/vuln/detail/CVE-2026-33637) |       6.5      | `pkg:gem/faraday@2.14.2`            |
+| [CVE-2026-42258](https://nvd.nist.gov/vuln/detail/CVE-2026-42258) |       9.8      | `pkg:gem/net-imap@0.4.24`           |
+| [CVE-2026-42257](https://nvd.nist.gov/vuln/detail/CVE-2026-42257) |       9.8      | `pkg:gem/net-imap@0.4.24`           |
+| [CVE-2026-42245](https://nvd.nist.gov/vuln/detail/CVE-2026-42245) |       7.5      | `pkg:gem/net-imap@0.4.24`           |
+| [CVE-2026-42246](https://nvd.nist.gov/vuln/detail/CVE-2026-42246) |       7.4      | `pkg:gem/net-imap@0.4.24`           |
+| [CVE-2025-6021](https://nvd.nist.gov/vuln/detail/CVE-2025-6021)   |       7.5      | `pkg:github/gnome/libxml2@2.15.3`   |
+| [CVE-2026-6732](https://nvd.nist.gov/vuln/detail/CVE-2026-6732)   |       7.5      | `pkg:github/gnome/libxml2@2.15.3`   |
+| [CVE-2025-6170](https://nvd.nist.gov/vuln/detail/CVE-2025-6170)   |       2.5      | `pkg:github/gnome/libxml2@2.15.3`   |
+| [CVE-2026-34182](https://nvd.nist.gov/vuln/detail/CVE-2026-34182) |       9.1      | `pkg:github/openssl/openssl@3.0.21` |
+| [CVE-2026-45447](https://nvd.nist.gov/vuln/detail/CVE-2026-45447) |       8.8      | `pkg:github/openssl/openssl@3.0.21` |
+| [CVE-2026-7383](https://nvd.nist.gov/vuln/detail/CVE-2026-7383)   |       8.1      | `pkg:github/openssl/openssl@3.0.21` |
+| [CVE-2026-34180](https://nvd.nist.gov/vuln/detail/CVE-2026-34180) |       7.5      | `pkg:github/openssl/openssl@3.0.21` |
+| [CVE-2026-45445](https://nvd.nist.gov/vuln/detail/CVE-2026-45445) |       7.5      | `pkg:github/openssl/openssl@3.0.21` |
+| [CVE-2026-9076](https://nvd.nist.gov/vuln/detail/CVE-2026-9076)   |       7.5      | `pkg:github/openssl/openssl@3.0.21` |
+| [CVE-2026-42766](https://nvd.nist.gov/vuln/detail/CVE-2026-42766) |       5.9      | `pkg:github/openssl/openssl@3.0.21` |
+| [CVE-2026-42767](https://nvd.nist.gov/vuln/detail/CVE-2026-42767) |       5.9      | `pkg:github/openssl/openssl@3.0.21` |
+| [CVE-2026-45446](https://nvd.nist.gov/vuln/detail/CVE-2026-45446) |       4.8      | `pkg:github/openssl/openssl@3.0.21` |
+| [CVE-2026-42770](https://nvd.nist.gov/vuln/detail/CVE-2026-42770) |       3.7      | `pkg:github/openssl/openssl@3.0.21` |
+
 ## OpenBolt 5.5.0
 
 Released on April 30, 2026
 
 Please check the [GitHub OpenBolt release page](https://github.com/OpenVoxProject/openbolt/releases/tag/5.5.0) for details on new features or bug fixes.
 
+### Security Issues Resolved in 5.5.0
+
+| Identifier                                                        | CVSS 3.1 Score | Resolved By                         |
+| :---------------------------------------------------------------- | :------------: | :---------------------------------- |
+| [CVE-2026-35611](https://nvd.nist.gov/vuln/detail/CVE-2026-35611) |       7.5      | `pkg:gem/addressable@2.9.0`         |
+| [CVE-2026-41493](https://nvd.nist.gov/vuln/detail/CVE-2026-41493) |       7.5      | `pkg:gem/yard@0.9.43`               |
+| [CVE-2026-27820](https://nvd.nist.gov/vuln/detail/CVE-2026-27820) |       9.8      | `pkg:gem/zlib@3.0.1`                |
+| [CVE-2026-31789](https://nvd.nist.gov/vuln/detail/CVE-2026-31789) |       9.8      | `pkg:github/openssl/openssl@3.0.20` |
+| [CVE-2026-28387](https://nvd.nist.gov/vuln/detail/CVE-2026-28387) |       8.1      | `pkg:github/openssl/openssl@3.0.20` |
+| [CVE-2026-31790](https://nvd.nist.gov/vuln/detail/CVE-2026-31790) |       7.5      | `pkg:github/openssl/openssl@3.0.20` |
+| [CVE-2026-28388](https://nvd.nist.gov/vuln/detail/CVE-2026-28388) |       7.5      | `pkg:github/openssl/openssl@3.0.20` |
+| [CVE-2026-28389](https://nvd.nist.gov/vuln/detail/CVE-2026-28389) |       7.5      | `pkg:github/openssl/openssl@3.0.20` |
+| [CVE-2026-28390](https://nvd.nist.gov/vuln/detail/CVE-2026-28390) |       7.5      | `pkg:github/openssl/openssl@3.0.20` |
+
 ## OpenBolt 5.4.0
 
 Released on March 4, 2026
 
 Please check the [GitHub OpenBolt release page](https://github.com/OpenVoxProject/openbolt/releases/tag/5.4.0) for details on new features or bug fixes.
 
+### Security Issues Resolved in 5.4.0
+
+| Identifier                                                        | CVSS 3.1 Score | Resolved By                         |
+| :---------------------------------------------------------------- | :------------: | :---------------------------------- |
+| [CVE-2026-25765](https://nvd.nist.gov/vuln/detail/CVE-2026-25765) |       5.8      | `pkg:gem/faraday@2.14.1`            |
+| [CVE-2025-24294](https://nvd.nist.gov/vuln/detail/CVE-2025-24294) |       7.5      | `pkg:gem/resolv@0.2.3`              |
+| [CVE-2025-58767](https://nvd.nist.gov/vuln/detail/CVE-2025-58767) |       5.3      | `pkg:gem/rexml@3.4.4`               |
+| [CVE-2025-61594](https://nvd.nist.gov/vuln/detail/CVE-2025-61594) |       7.5      | `pkg:gem/uri@0.12.5`                |
+| [CVE-2025-15467](https://nvd.nist.gov/vuln/detail/CVE-2025-15467) |       8.8      | `pkg:github/openssl/openssl@3.0.19` |
+| [CVE-2025-69421](https://nvd.nist.gov/vuln/detail/CVE-2025-69421) |       7.5      | `pkg:github/openssl/openssl@3.0.19` |
+| [CVE-2025-69420](https://nvd.nist.gov/vuln/detail/CVE-2025-69420) |       7.5      | `pkg:github/openssl/openssl@3.0.19` |
+| [CVE-2025-69419](https://nvd.nist.gov/vuln/detail/CVE-2025-69419) |       7.4      | `pkg:github/openssl/openssl@3.0.19` |
+| [CVE-2026-22795](https://nvd.nist.gov/vuln/detail/CVE-2026-22795) |       5.5      | `pkg:github/openssl/openssl@3.0.19` |
+| [CVE-2026-22796](https://nvd.nist.gov/vuln/detail/CVE-2026-22796) |       5.3      | `pkg:github/openssl/openssl@3.0.19` |
+| [CVE-2025-68160](https://nvd.nist.gov/vuln/detail/CVE-2025-68160) |       4.7      | `pkg:github/openssl/openssl@3.0.19` |
+| [CVE-2025-69418](https://nvd.nist.gov/vuln/detail/CVE-2025-69418) |       4.0      | `pkg:github/openssl/openssl@3.0.19` |
+
 ## OpenBolt 5.3.0
 
 Released on December 16, 2025
