DigitalOcean

Report this

What is the reason for this report?
Question

Regarding updates for Metabase

Posted on July 21, 2023
Security
EatingAquamarineScubaDiver

By EatingAquamarineScubaDiver

Since a couple of days I have a VPC running by the use of the Metabase pre-install on the Ubuntu image from the Digital Ocean Marketplace. One hour ago I was informed by Metabase that there has been a security vulnerability been found and reported which they fixed. Since I have Metabase running on a Ubuntu server I’m wondering if it’s sufficient to ‘patch’ the packages through the Ubuntu terminal, or if there is anything else required to patch this current, but future vulnerabilities aswell?

I did scan through the apt list --upgradable, but couldn’t find any spicific packages which I know are related to Metabase.

PS: Metabase’s security issue mentions this message: If you are using the open source edition of Metabase, you can access the latest patched release version at https://downloads.metabase.com/v0.46.6.1/metabase.jar or via the docker image metabase/metabase:latest or metabase/metabase:v0.46.6.1



This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
0
Bobby
Bobby
July 25, 2023

Accepted Answer

Hi there,

I’ve just created a new Metabase server from the Marketplace and if your setup is the same, you would need to follow these steps here:

  • Take a backup of your Droplet so that you could revert back in case that anything goes wrong!

  • Then start by stopping the Metabase service:

systemctl stop metabase.service
  • Access the Metabase directory:
cd /opt/metabase/
  • Backup the old Metabase jar file:
mv metabase.jar metabase.jar-bak
  • Download the new jar file:
wget https://downloads.metabase.com/v0.46.6.1/metabase.jar
  • Start the service again:
systemctl start metabase.service
  • Check the status of the service:
systemctl status metabase.service

Hope that this helps!

Best,

Bobby

Become a contributor for community

Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.

Sign Up

DigitalOcean Documentation

Full documentation for every DigitalOcean product.

Learn more

Resources for startups and SMBs

The Wave has everything you need to know about building a business, from raising funding to marketing your product.

Learn more

Get our newsletter

Stay up to date by signing up for DigitalOcean’s Infrastructure as a Newsletter.

New accounts only. By submitting your email you agree to our Privacy Policy

The developer cloud

Scale up as you grow — whether you're running one virtual machine or ten thousand.

Get started for free

Sign up and get $200 in credit for your first 60 days with DigitalOcean.*

*This promotional offer applies to new accounts only.

© 2025 DigitalOcean, LLC.Sitemap.