25.1.0
What's Changed
- Adding toast handler to fix errors when using list approve or deny buttons
- Address first_found skip bug in Ansible 2.16
- Add Labels listing to start using Labels as pseudo-folders for Templates
- Allow Menu Header logo to be customized
- Allow Menu gradient to be disabled
- Database deadlock by awx_callback_receiver_worker and awx_dispatcher_worker
- Facts are unintentionally deleted when the inventory is modified during a job execution
- Fix issue with saving System Settings when using local overrides
- Fix 404 error when logging in
- Fix issue on notifications when viewing a notification for a webhook
- Fix notification name search
- Fix instance peering pagination
- Resolve multiple warnings during build process
- Send job_lifecycle logs to external loggers
- Update to Python 3.11
Security Fixes
- Updated python / npm dependencies to resolve multiple CVEs.
These CVEs were against the underlying packages we depend on, not directly on Ascender. For several of these, we did not use the affected code at all. They were resolved nevertheless as they will still be reported on any vulnerability scan on the container in your environment.
- Migrate to Lingui v4 to resolve CVE-2024-21528
- Upgrade aiohttp to resolve CVE-2024-52304
- Upgrade azure-identity to resolve CVE-2024-35255
- Upgrade brace-expansion to resolve CVE-2025-5889
- Upgrade django to resolve CVE-2025-48432, CVE-2025-32873, CVE-2024-53908
- Upgrade http-proxy-middleware to resolve CVE-2025-32996, CVE-2025-32997, CVE-2024-21536
- Upgrade jinja2 to resolve CVE-2024-56326, CVE-2024-56201
- Upgrade pip to resolve CVE-2023-5752
- Upgrade requests to resolve CVE-2024-47081
- Upgrade setuptools to resolve CVE-2025-47273, CVE-2024-6345
- Upgrade path-to-regexp to resolve CVE-2024-52798
- Upgrade nanoid to resolve CVE-2024-55565,
- Upgrade cross-spawn to resolve CVE-2024-21538,
- Upgrade express to resolve CVE-2024-47764
Full Changelog: 25.0.0...25.1.0