Update now: ssh vulnerability 2024-07-01

Release overview

Earlier today, the OpenSSH project issued a patch that addresses a critical security issue that may allow a remote attacker to fully take over systems.

The affected openssh package in the UBOS repositories has been updated.

You are advised to upgrade immediately if your UBOS Device is in any way exposed to the internet.

You can read more about the issue in the OpenSSH release notes.

To upgrade

To be safe, first check the status of your Device:

• sudo ubos-admin status

and make sure everything is in working order. Then create a backup of all your sites, with a command such as:

• sudo ubos-admin backup --all --backuptodirectory ~

Then, update your device:

• sudo ubos-admin update -v

Depending on what apps you have installed and how much data they manage, and the speed of your disk and network, the upgrade can take a while.

Then restart your device:

• sudo systemctl restart

Need help?

Find us in the Fediverse at @ubos@mastodon.social with an app such as Mastodon.