This Friday 09/02/2018, we released a new version of Debian packages that provides security patches. This update requires that you modify manually on your installations.
CouchDB 2.1.1 fixes 2 severe vulnerabilities
The update provided by CouchDB also modifies the default behavior, which breaks compatibility with an existing installation (see here).
To properly upgrade your CouchDB without breaking your Cozy:
* Back up your `/opt/couchdb/etc/vm.args` file * Update CouchDB: `apt update && apt upgrade` * Turn off your Cozy and your CouchDB: `systemctl stop cozy-stack couchdb` * Restore your `/opt/couchdb/etc/vm.args` file * Restart services: `systemctl start couchdb cozy-stack`
If you have already upgrade and your Cozy doesn’t start anymore, just edit
/opt/couchdb/etc/vm.args and replace
-name email@example.com with
-name couchdb@localhost. Then restart CouchDB then Cozy.
Earlier versions incorrectly configured nginx virtual hosts, leading to non-functional konnectors.
In order to restore your konnectors, it is needed to edit each existing vhost (one per instance) in
/etc/nginx/sites-available and replace
proxy_pass http://localhost:8080/; with
proxy_pass http://localhost:8080; (no more trailing
/), then restart nginx (
systemctl restart nginx).