Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

Cloudron Forum

Apps | Demo | Docs | Install
  1. Cloudron Forum
  2. Ghost
  3. Ghost: Urgent Security Update

Ghost: Urgent Security Update

Scheduled Pinned Locked Moved Solved Ghost
9 Posts 4 Posters 1.6k Views 4 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • marcusquinnM Online
    marcusquinnM Online
    marcusquinn
    wrote on last edited by
    #1
    • https://github.com/TryGhost/Ghost/security/advisories/GHSA-7v28-g2pq-ggg8

    This doesn't seem to have been applied yet?

    Web Design https://www.evergreen.je
    Development https://brandlight.org
    Life https://marcusquinn.com

    jdaviescoatesJ 1 Reply Last reply
    1
    • marcusquinnM marcusquinn
      • https://github.com/TryGhost/Ghost/security/advisories/GHSA-7v28-g2pq-ggg8

      This doesn't seem to have been applied yet?

      jdaviescoatesJ Online
      jdaviescoatesJ Online
      jdaviescoates
      wrote on last edited by
      #2

      @marcusquinn Fixed in 5.2.3, which is what Cloudron is on ( and has been for a while, I think since v soon after it was available )

      I use Cloudron with Gandi & Hetzner

      1 Reply Last reply
      0
      • marcusquinnM Online
        marcusquinnM Online
        marcusquinn
        wrote on last edited by
        #3

        I've clicked "Check for Updates" several times, and it's not offering me anything beyond 5.2.2 😞

        Web Design https://www.evergreen.je
        Development https://brandlight.org
        Life https://marcusquinn.com

        jdaviescoatesJ 1 Reply Last reply
        0
        • marcusquinnM marcusquinn

          I've clicked "Check for Updates" several times, and it's not offering me anything beyond 5.2.2 😞

          jdaviescoatesJ Online
          jdaviescoatesJ Online
          jdaviescoates
          wrote on last edited by
          #4

          @marcusquinn sounds like you need to update Cloudron

          I use Cloudron with Gandi & Hetzner

          marcusquinnM 1 Reply Last reply
          1
          • jdaviescoatesJ jdaviescoates

            @marcusquinn sounds like you need to update Cloudron

            marcusquinnM Online
            marcusquinnM Online
            marcusquinn
            wrote on last edited by
            #5

            @jdaviescoates No can do for this version, as it breaks our LDAP integrations. App updates really should not be tied to Cloudron updates either. I can't imagine why they would be in this case either.

            Web Design https://www.evergreen.je
            Development https://brandlight.org
            Life https://marcusquinn.com

            girishG jdaviescoatesJ fbartelsF 3 Replies Last reply
            0
            • marcusquinnM marcusquinn

              @jdaviescoates No can do for this version, as it breaks our LDAP integrations. App updates really should not be tied to Cloudron updates either. I can't imagine why they would be in this case either.

              girishG Offline
              girishG Offline
              girish
              Staff
              wrote on last edited by
              #6

              @marcusquinn Are you not on 7.2? What is the LDAP bug you are hitting?

              1 Reply Last reply
              0
              • marcusquinnM marcusquinn

                @jdaviescoates No can do for this version, as it breaks our LDAP integrations. App updates really should not be tied to Cloudron updates either. I can't imagine why they would be in this case either.

                jdaviescoatesJ Online
                jdaviescoatesJ Online
                jdaviescoates
                wrote on last edited by
                #7

                @marcusquinn said in Ghost: Urgent Security Update:

                App updates really should not be tied to Cloudron updates either

                Agree, but it seems they quite often are (I've hit this a couple of times recently)

                I use Cloudron with Gandi & Hetzner

                1 Reply Last reply
                0
                • marcusquinnM marcusquinn

                  @jdaviescoates No can do for this version, as it breaks our LDAP integrations. App updates really should not be tied to Cloudron updates either. I can't imagine why they would be in this case either.

                  fbartelsF Offline
                  fbartelsF Offline
                  fbartels
                  App Dev
                  wrote on last edited by
                  #8

                  @marcusquinn said in Ghost: Urgent Security Update:

                  App updates really should not be tied to Cloudron updates either

                  In this specific case it is because the app packaging makes use of a feature only available in Cloudron >=7.2.

                  https://git.cloudron.io/cloudron/ghost-app/-/commit/ceab152d282cccc12d0cee68b5f4a7e336a8b8dd

                  marcusquinnM 1 Reply Last reply
                  2
                  • fbartelsF fbartels

                    @marcusquinn said in Ghost: Urgent Security Update:

                    App updates really should not be tied to Cloudron updates either

                    In this specific case it is because the app packaging makes use of a feature only available in Cloudron >=7.2.

                    https://git.cloudron.io/cloudron/ghost-app/-/commit/ceab152d282cccc12d0cee68b5f4a7e336a8b8dd

                    marcusquinnM Online
                    marcusquinnM Online
                    marcusquinn
                    wrote on last edited by
                    #9

                    @fbartels Thanks, guessed as much. Something we'll need to have a think about.

                    Web Design https://www.evergreen.je
                    Development https://brandlight.org
                    Life https://marcusquinn.com

                    1 Reply Last reply
                    0
                    • marcusquinnM marcusquinn marked this topic as a question on
                    • marcusquinnM marcusquinn has marked this topic as solved on
                    Reply
                    • Reply as topic
                    Log in to reply
                    • Oldest to Newest
                    • Newest to Oldest
                    • Most Votes


                    • Login

                    • Don't have an account? Register

                    • Login or register to search.
                    • First post
                      Last post
                    0
                    • Categories
                    • Recent
                    • Tags
                    • Popular
                    • Bookmarks
                    • Search