Ops One AG platform status and maintenance announcements. Times are indicated in local Swiss time. https://opsone.ch/.
All systems are operational
Scheduled Maintenance
Debian Updates: Managed Server 8

We will update the following packages to the latest version.

  • blackfire/any 2:2.28.0 amd64 [upgradable from: 2:2.27.0]
  • less/oldstable-security 551-2+deb11u2 amd64 [upgradable from: 551-2]
  • docker-ce/bullseye 5:26.1.2-1~debian.11~bullseye amd64 [upgradable from: 5:26.1.1-1~debian.11~bullseye]
  • docker-ce-cli/bullseye 5:26.1.2-1~debian.11~bullseye amd64 [upgradable from: 5:26.1.1-1~debian.11~bullseye]
  • docker-ce-rootless-extras/bullseye 5:26.1.2-1~debian.11~bullseye amd64 [upgradable from: 5:26.1.1-1~debian.11~bullseye]
  • libdav1d4/oldstable-security 0.7.1-3+deb11u1 amd64 [upgradable from: 0.7.1-3]
  • ops-php82/unknown 8.2.19-ops-60247 amd64 [upgradable from: 8.2.18-ops-59312]
  • ops-php83/unknown 8.3.7-ops-60238 amd64 [upgradable from: 8.3.6-ops-59342]
  • libglib2.0-0/oldstable-security 2.66.8-1+deb11u3 amd64 [upgradable from: 2.66.8-1+deb11u1]
  • libglib2.0-data/oldstable-security 2.66.8-1+deb11u3 all [upgradable from: 2.66.8-1+deb11u1]

Start maintenance window: 13/05/2024 23:00
Stop maintenance window: 14/05/2024 02:00

Debian Updates: Managed Server 7

We will update the following packages to the latest version.

  • blackfire/any 2:2.28.0 amd64 [upgradable from: 2:2.27.0]
  • distro-info-data/oldoldstable 0.41+deb10u9 all [upgradable from: 0.41+deb10u8]
  • libnghttp2-14/oldoldstable 1.36.0-2+deb10u3 amd64 [upgradable from: 1.36.0-2+deb10u2]
  • python3-idna/oldoldstable 2.6-1+deb10u1 all [upgradable from: 2.6-1]
  • php7.3-cli/oldoldstable 7.3.31-1~deb10u6 amd64 [upgradable from: 7.3.31-1~deb10u5]
  • php7.3-common/oldoldstable 7.3.31-1~deb10u6 amd64 [upgradable from: 7.3.31-1~deb10u5]
  • php7.3-intl/oldoldstable 7.3.31-1~deb10u6 amd64 [upgradable from: 7.3.31-1~deb10u5]
  • php7.3-json/oldoldstable 7.3.31-1~deb10u6 amd64 [upgradable from: 7.3.31-1~deb10u5]
  • php7.3-opcache/oldoldstable 7.3.31-1~deb10u6 amd64 [upgradable from: 7.3.31-1~deb10u5]
  • php7.3-phpdbg/oldoldstable 7.3.31-1~deb10u6 amd64 [upgradable from: 7.3.31-1~deb10u5]
  • php7.3-readline/oldoldstable 7.3.31-1~deb10u6 amd64 [upgradable from: 7.3.31-1~deb10u5]
  • docker-ce/buster 5:26.1.2-1~debian.10~buster amd64 [upgradable from: 5:26.1.1-1~debian.10~buster]
  • docker-ce-cli/buster 5:26.1.2-1~debian.10~buster amd64 [upgradable from: 5:26.1.1-1~debian.10~buster]
  • docker-ce-rootless-extras/buster 5:26.1.2-1~debian.10~buster amd64 [upgradable from: 5:26.1.1-1~debian.10~buster]

Start maintenance window: 13/05/2024 23:00
Stop maintenance window: 14/05/2024 02:00

Debian Updates: Managed Server 9

We will update the following packages to the latest version.

  • blackfire/any 2:2.28.0 amd64 [upgradable from: 2:2.27.0]
  • less/stable-security 590-2.1~deb12u2 amd64 [upgradable from: 590-2]
  • libruby3.1/stable-security 3.1.2-7+deb12u1 amd64 [upgradable from: 3.1.2-7]
  • ruby3.1/stable-security 3.1.2-7+deb12u1 amd64 [upgradable from: 3.1.2-7]
  • docker-ce/bookworm 5:26.1.2-1~debian.12~bookworm amd64 [upgradable from: 5:26.1.1-1~debian.12~bookworm]
  • docker-ce-cli/bookworm 5:26.1.2-1~debian.12~bookworm amd64 [upgradable from: 5:26.1.1-1~debian.12~bookworm]
  • docker-ce-rootless-extras/bookworm 5:26.1.2-1~debian.12~bookworm amd64 [upgradable from: 5:26.1.1-1~debian.12~bookworm]
  • libdav1d6/stable-security 1.0.0-2+deb12u1 amd64 [upgradable from: 1.0.0-2]
  • ops-php82/unknown 8.2.19-ops-60255 amd64 [upgradable from: 8.2.18-ops-59317]
  • ops-php83/unknown 8.3.7-ops-60237 amd64 [upgradable from: 8.3.6-ops-59343]
  • libglib2.0-0/stable-security 2.74.6-2+deb12u2 amd64 [upgradable from: 2.74.6-2]
  • libglib2.0-bin/stable-security 2.74.6-2+deb12u2 amd64 [upgradable from: 2.74.6-2]
  • libglib2.0-data/stable-security 2.74.6-2+deb12u2 all [upgradable from: 2.74.6-2]
  • libglib2.0-dev-bin/stable-security 2.74.6-2+deb12u2 amd64 [upgradable from: 2.74.6-2]
  • libglib2.0-dev/stable-security 2.74.6-2+deb12u2 amd64 [upgradable from: 2.74.6-2]

Start maintenance window: 13/05/2024 23:00
Stop maintenance window: 14/05/2024 02:00

Keycloak 24.0.4

We will update Keycloak to version 24.0.4.

Start maintenance window: 13/05/2024 23:00
Stop maintenance window: 14/05/2024 02:00

Past Incidents

Monday 20th December 2021

Update Matomo, scheduled 2 years ago

We will update Matomo to version 4.6.2.

Start maintenance window: 20/12/2021 23:00 CET Stop maintenance window: 21/12/2021 01:00 CET

SaaS: Mailserver Update, scheduled 2 years ago

We perform software updates on our mail servers. We expect a downtime of ~5 minutes.

Start maintenance window: 20/12/2021 23:00
Stop maintenance window: 21/12/2021 02:00

New features / Changes:

  • [Docker] Update phpfpm, Clamd, SOGo, Dovecot, Solr
  • [Web] Allow multiple TOTP

Wednesday 15th December 2021

Managed Server Version 8: Composer 1.10.24

Composer was updated to version 1.10.24

Managed Server Version 7: Composer 1.10.24

Composer was updated to version 1.10.24

Managed Server Version 6: Composer 1.10.24

Composer was updated to version 1.10.24

Tuesday 14th December 2021

Managed Server Version 7: TYPO3 11.5.4 maintenance release published

This version is a maintenance release and contains bug fixes only.
For details about the release, please see:

https://get.typo3.org/release-notes/11.5.4
https://typo3.org/article/typo3-1154-and-10422-maintenance-releases-published

Managed Server Version 8: TYPO3 11.5.4 maintenance release published

This version is a maintenance release and contains bug fixes only.
For details about the release, please see:

https://get.typo3.org/release-notes/11.5.4
https://typo3.org/article/typo3-1154-and-10422-maintenance-releases-published

Managed Server Version 7: TYPO3 10.4.22 maintenance release published

This version is a maintenance release and contains bug fixes only.
For details about the release, please see:

https://get.typo3.org/release-notes/10.4.22
https://typo3.org/article/typo3-1154-and-10422-maintenance-releases-published

Managed Server Version 8: TYPO3 10.4.22 maintenance release published

This version is a maintenance release and contains bug fixes only.
For details about the release, please see:

https://get.typo3.org/release-notes/10.4.22
https://typo3.org/article/typo3-1154-and-10422-maintenance-releases-published

Cockpit: Version 2.14.0
  • #699 [TASK] Domain pricing update
  • #526 [FEATURE] Server details: show discounted price
  • #700 [FEATURE] DNS zones: create cryptokeys on zone creation
  • #701 [FEATURE] Domains: add DNSSEC toggle
  • #703 [FEATURE] Server/domain list: show discount
  • #708 [BUGFIX] Sentry: send correct environment

Reference: #706

Monday 13th December 2021

Cluster Maintenance, scheduled 2 years ago

We are performing maintenance on our Nutanix cluster. During this time, there may be higher disk i/o.

Start maintenance window: 13/12/2021 23:00
Stop maintenance window: 14/12/2021 06:00

Update Elasticsearch & Kibana 7.16.1, scheduled 2 years ago

We will update Elasticsearch and Kibana to version 7.16.1.

Start maintenance window: 13/12/2021 14:20
Stop maintenance window: 13/12/2021 14:45

Managed Server Version 7: Web Application Firewall: Additional Rules to mitigate CVE-2021-44228 (Log4j)

Our web application firewall does already detect all known exploits targeting arbitrary GET and POST parameters (CRS rule 932130). However, the rule did not inspect HTTP headers such as the user-agent and referrer yet.

To mitigate attacks against this vulnerability, we

  • added the User-Agent and Referer headers to the targets of the CRS rule 932130
  • added another, targeted rule against the usage of jndi strings

Even though the web application firewall does protect your applications from this issue unless manually disabled, make sure to take the required steps to mitigate the problem at its source, as outlined by Log4j here.

Reference #1093

Managed Server Version 8: Web Application Firewall: Additional Rules to mitigate CVE-2021-44228 (Log4j)

Our web application firewall does already detect all known exploits targeting arbitrary GET and POST parameters (CRS rule 932130). However, the rule did not inspect HTTP headers such as the user-agent and referrer yet.

To mitigate attacks against this vulnerability, we

  • added the User-Agent and Referer headers to the targets of the CRS rule 932130
  • added another, targeted rule against the usage of jndi strings

Even though the web application firewall does protect your applications from this issue unless manually disabled, make sure to take the required steps to mitigate the problem at its source, as outlined by Log4j here.

Reference #1093

Managed Server Version 6: Web Application Firewall: Additional Rules to mitigate CVE-2021-44228 (Log4j)

Our web application firewall does already detect all known exploits targeting arbitrary GET and POST parameters (CRS rule 932130). However, the rule did not inspect HTTP headers such as the user-agent and referrer yet.

To mitigate attacks against this vulnerability, we

  • added the User-Agent and Referer headers to the targets of the CRS rule 932130
  • added another, targeted rule against the usage of jndi strings

Even though the web application firewall does protect your applications from this issue unless manually disabled, make sure to take the required steps to mitigate the problem at its source, as outlined by Log4j here.

Reference #1093

Sunday 12th December 2021

No incidents reported

Saturday 11th December 2021

No incidents reported

Friday 10th December 2021

No incidents reported

Thursday 9th December 2021

No incidents reported