Since a couple of days I have a VPC running by the use of the Metabase pre-install on the Ubuntu image from the Digital Ocean Marketplace. One hour ago I was informed by Metabase that there has been a security vulnerability been found and reported which they fixed. Since I have Metabase running on a Ubuntu server I’m wondering if it’s sufficient to ‘patch’ the packages through the Ubuntu terminal, or if there is anything else required to patch this current, but future vulnerabilities aswell?
I did scan through the apt list --upgradable, but couldn’t find any spicific packages which I know are related to Metabase.
PS: Metabase’s security issue mentions this message: If you are using the open source edition of Metabase, you can access the latest patched release version at https://downloads.metabase.com/v0.46.6.1/metabase.jar or via the docker image metabase/metabase:latest or metabase/metabase:v0.46.6.1
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Hi there,
I’ve just created a new Metabase server from the Marketplace and if your setup is the same, you would need to follow these steps here:
Take a backup of your Droplet so that you could revert back in case that anything goes wrong!
Then start by stopping the Metabase service:
jar
file:jar
file:Hope that this helps!
Best,
Bobby