Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search
Skins
  • Light
  • Brite
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor
  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

Cloudron Forum
Apps - Status | Demo | Docs | Install
  1. Cloudron Forum
  2. Metabase
  3. Requesting an expedited build of v0.58.7

Requesting an expedited build of v0.58.7

Scheduled Pinned Locked Moved Metabase
6 Posts 3 Posters 27 Views 3 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • S Offline
    S Offline
    sparkwise
    wrote last edited by sparkwise
    #1

    Metabase posted this security advisory today: Authenticated users are able to retrieve sensitive information from a Metabase instance, including database access credentials. I went to update to v0.58.7, and see that it isn't available yet on Cloudron. Wanted to request an expedited build.

    From my read of the security advisory, disabling outbound email is a sufficient workaround until the new build is installed. I've done this by providing Metabase with invalid SMTP credentials in env.sh

    1 Reply Last reply
    1
    • J Offline
      J Offline
      joseph
      Staff
      wrote last edited by
      #2

      @sparkwise is this already released? Can't see it at https://github.com/metabase/metabase/tags

      1 Reply Last reply
      0
      • J Offline
        J Offline
        joseph
        Staff
        wrote last edited by
        #3

        OK, the advisory has a link to a binary but there is not tag yet.

        1 Reply Last reply
        1
        • S Offline
          S Offline
          sparkwise
          wrote last edited by
          #4

          @joseph I'll share that with them.

          1 Reply Last reply
          0
          • girishG Offline
            girishG Offline
            girish
            Staff
            wrote last edited by
            #5

            @sparkwise thanks for the heads up. I made a new package release now .

            1 Reply Last reply
            1
            • S Offline
              S Offline
              sparkwise
              wrote last edited by
              #6

              Thanks, @girish!

              1 Reply Last reply
              0
              Reply
              • Reply as topic
              Log in to reply
              • Oldest to Newest
              • Newest to Oldest
              • Most Votes

              • Login
              • Don't have an account? Register
              • Login or register to search.
              • First post
                Last post
              0
              • Categories
              • Recent
              • Tags
              • Popular
              • Bookmarks
              • Search