We are happy to announce OpenVox-Agent 8.28.0 and 9.0.0-alpha2!
OpenVox Agent 8.28.0 has just been published to our mirror! Mac, Windows & Linux packages are available. We also added Fedora 44 support.
What does the release contain? Mostly CVE fixes that were released yesterday with OpenSSL 3.0.21:
| Identifier | CVSS 3.1 Score | Resolved By |
|---|---|---|
| CVE-2026-34182 | 9.1 | pkg:github/openssl/[email protected] |
| CVE-2026-45447 | 8.8 | pkg:github/openssl/[email protected] |
| CVE-2026-7383 | 8.1 | pkg:github/openssl/[email protected] |
| CVE-2026-45445 | 7.5 | pkg:github/openssl/[email protected] |
| CVE-2026-34180 | 7.5 | pkg:github/openssl/[email protected] |
| CVE-2026-9076 | 7.5 | pkg:github/openssl/[email protected] |
| CVE-2026-42766 | 5.9 | pkg:github/openssl/[email protected] |
| CVE-2026-45446 | 4.8 | pkg:github/openssl/[email protected] |
| CVE-2026-42770 | 3.7 | pkg:github/openssl/[email protected] |
New Features ๐
- Backport: Add Platform definitions for Fedora 44 to 8.x by @Sharpie in github.com/OpenVoxProject/openvox/pull/459
Bug Fixes ๐
- [Backport 8.x] Manage group members on EL 10 without libuser by @OpenVoxProjectBot in github.com/OpenVoxProject/openvox/pull/477
- [Backport 8.x] Fix File.open Ruby 3.2 regression in FileSystem::Uniquefile by @OpenVoxProjectBot in github.com/OpenVoxProject/openvox/pull/478
Other Changes
- Promote puppet-runtime 2026.06.09.1 into 8.x by @OpenVoxProjectBot in github.com/OpenVoxProject/openvox/pull/48
Our docs got also updated for 8.28.0.
And OpenVox 9?
We have a new set of alpha packages. For apt/yum, those are now actual repos with release files that you can use, not just plain download links.
There are a couple big changes with this release:
- Windows packages have arrived. This brings a build of Ruby 4 from a new toolchain based on MSYS2 + MINGW-w64. OpenVox 8 continues to use the old Cygwin + MINGW toolchain. One benefit of this new build is that we now use the same
x64-mingw-ucrtplatform as upstream Ruby. This means gems with compiled extensions, e.g.gem install nokogiri, should be able to use pre-compiled builds from rubygems.org without requiring the Windows node to have a compiler and dev tools installed. Massive thanks to Sebastian Rakel for figuring out how to get the MSYS2 build running side-by-side with the existing Cygwin build. - A 9.0.0.pre.alpha2 version of the openvox gem has been published, for use in running test pipelines against the OpenVox 9 pre-release.
This version also contains CVE fixes from yesterdayโs OpenSSL 3.5.7 release.
| Identifier | CVSS 3.1 Score | Resolved By |
|---|---|---|
| CVE-2026-34182 | 9.1 | pkg:github/openssl/[email protected] |
| CVE-2026-45447 | 8.8 | pkg:github/openssl/[email protected] |
| CVE-2026-7383 | 8.1 | pkg:github/openssl/[email protected] |
| CVE-2026-45445 | 7.5 | pkg:github/openssl/[email protected] |
| CVE-2026-42764 | 7.5 | pkg:github/openssl/[email protected] |
| CVE-2026-34183 | 7.5 | pkg:github/openssl/[email protected] |
| CVE-2026-34180 | 7.5 | pkg:github/openssl/[email protected] |
| CVE-2026-9076 | 7.5 | pkg:github/openssl/[email protected] |
| CVE-2026-34181 | 7.4 | pkg:github/openssl/[email protected] |
| CVE-2026-42767 | 5.9 | pkg:github/openssl/[email protected] |
| CVE-2026-42766 | 5.9 | pkg:github/openssl/[email protected] |
| CVE-2026-42769 | 5.3 | pkg:github/openssl/[email protected] |
| CVE-2026-45446 | 4.8 | pkg:github/openssl/[email protected] |
| CVE-2026-42770 | 3.7 | pkg:github/openssl/[email protected] |
| CVE-2026-42768 | 3.7 | pkg:github/openssl/[email protected] |
Breaking Changes ๐
- Decouple :posix feature from :syslog library check by @silug in github.com/OpenVoxProject/openvox/pull/458
- remove pe_serverversion fact by @corporate-gadfly in github.com/OpenVoxProject/openvox/pull/39
- return to preprocessing deferred functions by default by @binford2k in github.com/OpenVoxProject/openvox/pull/462
New Features ๐
- Add windows-msys2-x64 build for OpenVox 9 by @Sharpie in github.com/OpenVoxProject/openvox/pull/468
Bug Fixes ๐
- Manage group members on EL 10 without libuser by @Sharpie in github.com/OpenVoxProject/openvox/pull/476
- Fix File.open Ruby 3.2 regression in FileSystem::Uniquefile by @JonasVerhofste in github.com/OpenVoxProject/openvox/pull/45
Other Changes
- Add JRuby 10.0.5.0 and 10.1.0.0 to test matrix by @silug in github.com/OpenVoxProject/openvox/pull/463
- CI: Use bot account for backports by @bastelfreak in github.com/OpenVoxProject/openvox/pull/472
- Promote puppet-runtime 2026.06.09.1 into main by @OpenVoxProjectBot in github.com/OpenVoxProject/openvox/pull/479
New Contributors
- @JonasVerhofste made their first contribution in github.com/OpenVoxProject/openvox/pull/450
Please download and test the new releases and provide feedback in the openvox Slack/IRC channel. We will provide new OpenBolt and OpenVox-Server/DB packages in the next couple of days as well.