Today we have released updated Docker containers with the patches from Debian/Canonical for the Apache optionsbleed
vulnerability following the Ubuntu release of those security patches a few hours ago. Updated containers are available for the 1.8.2
, 1.8.1
and 1.8.0
release tags. For details of what optionsbleed
is, please see the references section at the bottom of the article.
We believe that assuming you have not modified the .htaccess
file that the project ships, there is no exposure to this vulnerability, however we are providing updated containers for a "belt and braces" approach.
If you are running a Xibo CMS with the official project Docker containers, then you may wish to consider updating the containers to apply the patch.
To update, please use the following instructions:
- Locate your existing Xibo CMS Docker installation. It will be where you have your
shared
folder and yourconfig.env
file. - Before attempting the update, please be sure that your media and database files are being correctly written to the
shared
directory. This is particularly important if you are running on a Windows computer. To do so, upload for example an image in to the CMS, and check that the same image appears in theshared/cms/library
directory. Another good check is to make sure thatshared/backup/db/latest.tar.gz
was created within the last 24 hours. If either of those checks fail, please do not proceed with the update as this will lead to data loss. Seek support to recover the situation. - Open a shell/command prompt and change in to the location of your installation:
Windows:
c:\> cd\xibo
Linux:
cd /opt/xibo
- Run the following
docker-compose
commands, assuming you don't use remote mysql or custom ports.
docker-compose pull
docker-compose up -d
The CMS containers will restart with the patched version of Apache.
- If you use remote-mysql or custom-ports variants of the docker-compose file, then don't forget to add in the
-f
option for that:
docker-compose -f cms_custom-ports.yml pull
docker-compose -f cms_custom-ports.yml up -d
or
docker-compose -f cms_remote-mysql.yml pull
docker-compose -f cms_remote-mysql.yml up -d
There will be a short period where the CMS is unavailable ranging from a few seconds to a few minutes. Please be patient.
If you are running Apache in front of your Docker containers as a reverse proxy, you should also ensure that is updated to the latest version from your provider. On most current Linux systems, that will simply mean applying the latest updates from your distribution.
References:
More
Read more from the blog
Top 7 Retail Digital Signage Trends in 2025
Learn more about 2025’s retail digital signage trends. Whether retail media networks or AI-driven retail media planning, the upcoming year has a lot in store for retailers.
Holiday Opening Times and Dispatch Deadlines 2024/2025
Please note our holiday opening hours and dispatch deadlines for 2024/25.
More
Read more from the blog