ctrliq/ascender 25.3.6

on GitHub

What's Changed

** Please take note that we utilize the new ascender-operator for this install, please ensure you update the installer to the latest git pull **

Notable Items

• Fix missing exception catch in create_partition by @Klaas- in #291
• Swap to using Inter fonts in #295
• Resolve highlighted Job Output being lost when scrolling in #296
• Resolve issue where highlighting Job Output text can cause the event popup in #298
• Resolve issue where Elapsed Timer doesn't start on Launch in #299
• Migrate from axios to native Fetch in #287
• Clean up some tests, resolve some deprecation warnings in #290

Upstream Patches

• Upstream 16366 - avoid delete in loop in inventory import in #281
• Upstream 16340 - NameError in wsrelay when JSON decode fails with DEB… in #282
• Upstream 16344 - Do not ignore errors on activity stream connection in #283
• Upstream 16346 - Delete unused contains method in #284
• Upstream 16013 - Remove deprecated custom virtual environment feature in #256

Security Fixes

These CVEs were against the underlying packages we depend on, not directly on Ascender. For several of these, we did not use the affected code at all. They were resolved nevertheless as they will still be reported on any vulnerability scan on the container in your environment.

• Upgrade aiohttp to resolve CVE-2026-22815 CVE-2026-34513 CVE-2026-34514 CVE-2026-34515 CVE-2026-34516 CVE-2026-34517 CVE-2026-34518 CVE-2026-34519 CVE-2026-34520 CVE-2026-34525 in #288
• Upgrade brace-expansion to resolve CVE-2026-33750 in #277
• Upgrade cryptography to resolve CVE-2026-34073 in #278
• Upgrade cryptography to resolve CVE-2026-39892 in #294
• Upgrade docs site requirements to resolve CVE-2026-25645 in #276
• Upgrade Django to resolve CVE-2026-3902 CVE-2026-33034 CVE-2026-33033 CVE-2026-4292 CVE-2026-4277 in #293
• Upgrade dynaconf to resolve CVE-2026-33154 in #270
• Upgrade flatted to resolve CVE-2026-32141 in #268
• Upgrade flatted to resolve CVE-2026-33228 in #272
• Upgrade lodash / lodash-es to resolve CVE-2026-4800 CVE-2026-2950 in #289
• Upgrade picomatch to resolve CVE-2026-33671 CVE-2026-33672 in #274
• Upgrade pyasn1 to resolve CVE-2026-30922 in #269
• Upgrade pygments to resolve CVE-2026-4539 in #280
• Upgrade PyJWT to resolve CVE-2026-32597 in #266
• Upgrade pyOpenSSL to resolve CVE-2026-27448 in #267
• Upgrade requests to resolve CVE-2026-25645 in #273
• Upgrade yaml to resolve CVE-2026-33532 in #275

Full Changelog: 25.3.5...25.3.6