Site Maintenance

(Michael Friedrich) #1

Hi,

Container Security Upgrades

With the release of CVE-2019-5736 recently discovered in Docker, I’ve taken the platform offline to ensure that it is not affected and no possible data leak may happen. This took a little longer than expected since my spare time is very limited these days and I am not really a Docker pro.

Next to analysing the CVE and mitigating possible problems, the platform received upgrades in the underlaying container infrastructure. This also includes upgrading the archive containers from Ubuntu 14 to Ubuntu 18 and fixing runtime config issues.

Future base image upgrades will happen more often, that’s a lesson learned with containers.

Retiring the Woltlab Archive

That being said, I’d also suggest to create your personal backup for topics belonging to the Woltlab archive. The used software with 3/5.0.x reaches EOL in a bit, and then no more security related fixes can be applied to the archive resulting in a shutdown.

Ads

As you may know, not everything is free here and my attempts in financing the platform only had one donor (thx Carsten), so ads will stay here for the time being.

In case you’d want to maintain the platform in the future, feel free to reachout.

Cheers,
Michael

5 Likes