Ops One AG platform status and maintenance announcements. Times are indicated in local Swiss time. https://opsone.ch/.
All systems are operational
Scheduled Maintenance
Elasticsearch 8.16.0

We will update Elasticsearch to version 8.16.0.

Start maintenance window: 18/11/2024 23:00
Stop maintenance window: 19/11/2024 02:00

Kibana 8.16.0

We will update Kibana to version 8.16.0.

Start maintenance window: 18/11/2024 23:00
Stop maintenance window: 19/11/2024 02:00

OnlyOffice 8.2.1

We will update OnlyOffice to version 8.2.1.

Start maintenance window: 18/11/2024 23:00
Stop maintenance window: 19/11/2024 02:00

Managed Server Version 9/8: Debian Updates

We will update the following packages to the latest version.

v9:

  • base-files/stable 12.4+deb12u8 amd64 [upgradable from: 12.4+deb12u7]
  • bsdextrautils/stable 2.38.1-5+deb12u2 amd64 [upgradable from: 2.38.1-5+deb12u1]
  • bsdutils/stable 1:2.38.1-5+deb12u2 amd64 [upgradable from: 1:2.38.1-5+deb12u1]
  • btrfs-progs/stable 6.2-1+deb12u1 amd64 [upgradable from: 6.2-1]
  • curl/stable 7.88.1-10+deb12u8 amd64 [upgradable from: 7.88.1-10+deb12u7]
  • distro-info-data/stable 0.58+deb12u3 all [upgradable from: 0.58+deb12u2]
  • docker-buildx-plugin/bookworm 0.17.1-1~debian.12~bookworm amd64 [upgradable from: 0.15.1-1~debian.12~bookworm]
  • fdisk/stable 2.38.1-5+deb12u2 amd64 [upgradable from: 2.38.1-5+deb12u1]
  • galera-4/stable 26.4.20-0+deb12u1 amd64 [upgradable from: 26.4.18-0+deb12u1]
  • gtk-update-icon-cache/stable 3.24.38-2~deb12u3 amd64 [upgradable from: 3.24.38-2~deb12u2]
  • intel-microcode/stable 3.20240910.1~deb12u1 amd64 [upgradable from: 3.20240813.1~deb12u1]
  • ipmitool/stable 1.8.19-4+deb12u2 amd64 [upgradable from: 1.8.19-4+deb12u1]
  • iputils-ping/stable 3:20221126-1+deb12u1 amd64 [upgradable from: 3:20221126-1]
  • libapr1/stable 1.7.2-3+deb12u1 amd64 [upgradable from: 1.7.2-3]
  • libblkid1/stable 2.38.1-5+deb12u2 amd64 [upgradable from: 2.38.1-5+deb12u1]
  • libblkid-dev/stable 2.38.1-5+deb12u2 amd64 [upgradable from: 2.38.1-5+deb12u1]
  • libbtrfs0/stable 6.2-1+deb12u1 amd64 [upgradable from: 6.2-1]
  • libbtrfs-dev/stable 6.2-1+deb12u1 amd64 [upgradable from: 6.2-1]
  • libc6-dbg/stable 2.36-9+deb12u9 amd64 [upgradable from: 2.36-9+deb12u8]
  • libc6-dev/stable 2.36-9+deb12u9 amd64 [upgradable from: 2.36-9+deb12u8]
  • libc6/stable 2.36-9+deb12u9 amd64 [upgradable from: 2.36-9+deb12u8]
  • libc-bin/stable 2.36-9+deb12u9 amd64 [upgradable from: 2.36-9+deb12u8]
  • libc-dev-bin/stable 2.36-9+deb12u9 amd64 [upgradable from: 2.36-9+deb12u8]
  • libc-devtools/stable 2.36-9+deb12u9 amd64 [upgradable from: 2.36-9+deb12u8]
  • libc-l10n/stable 2.36-9+deb12u9 all [upgradable from: 2.36-9+deb12u8]
  • libcurl3-gnutls/stable 7.88.1-10+deb12u8 amd64 [upgradable from: 7.88.1-10+deb12u7]
  • libcurl3-nss/stable 7.88.1-10+deb12u8 amd64 [upgradable from: 7.88.1-10+deb12u7]
  • libcurl4-openssl-dev/stable 7.88.1-10+deb12u8 amd64 [upgradable from: 7.88.1-10+deb12u7]
  • libcurl4/stable 7.88.1-10+deb12u8 amd64 [upgradable from: 7.88.1-10+deb12u7]
  • libfdisk1/stable 2.38.1-5+deb12u2 amd64 [upgradable from: 2.38.1-5+deb12u1]
  • libglib2.0-0/stable 2.74.6-2+deb12u4 amd64 [upgradable from: 2.74.6-2+deb12u3]
  • libglib2.0-bin/stable 2.74.6-2+deb12u4 amd64 [upgradable from: 2.74.6-2+deb12u3]
  • libglib2.0-data/stable 2.74.6-2+deb12u4 all [upgradable from: 2.74.6-2+deb12u3]
  • libglib2.0-dev-bin/stable 2.74.6-2+deb12u4 amd64 [upgradable from: 2.74.6-2+deb12u3]
  • libglib2.0-dev/stable 2.74.6-2+deb12u4 amd64 [upgradable from: 2.74.6-2+deb12u3]
  • libgs10-common/stable-security 10.0.0~dfsg-11+deb12u6 all [upgradable from: 10.0.0~dfsg-11+deb12u5]
  • libgs10/stable-security 10.0.0~dfsg-11+deb12u6 amd64 [upgradable from: 10.0.0~dfsg-11+deb12u5]
  • libgs-common/stable-security 10.0.0~dfsg-11+deb12u6 all [upgradable from: 10.0.0~dfsg-11+deb12u5]
  • libgtk-3-0/stable 3.24.38-2~deb12u3 amd64 [upgradable from: 3.24.38-2~deb12u2]
  • libgtk-3-bin/stable 3.24.38-2~deb12u3 amd64 [upgradable from: 3.24.38-2~deb12u2]
  • libgtk-3-common/stable 3.24.38-2~deb12u3 all [upgradable from: 3.24.38-2~deb12u2]
  • libmount1/stable 2.38.1-5+deb12u2 amd64 [upgradable from: 2.38.1-5+deb12u1]
  • libmount-dev/stable 2.38.1-5+deb12u2 amd64 [upgradable from: 2.38.1-5+deb12u1]
  • libnghttp2-14/stable 1.52.0-1+deb12u2 amd64 [upgradable from: 1.52.0-1+deb12u1]
  • libnss3/stable-security 2:3.87.1-1+deb12u1 amd64 [upgradable from: 2:3.87.1-1]
  • libnss-systemd/stable 252.31-1~deb12u1 amd64 [upgradable from: 252.30-1~deb12u2]
  • libpam-systemd/stable 252.31-1~deb12u1 amd64 [upgradable from: 252.30-1~deb12u2]
  • libpython3.11-minimal/stable 3.11.2-6+deb12u4 amd64 [upgradable from: 3.11.2-6+deb12u3]
  • libpython3.11/stable 3.11.2-6+deb12u4 amd64 [upgradable from: 3.11.2-6+deb12u3]
  • libpython3.11-stdlib/stable 3.11.2-6+deb12u4 amd64 [upgradable from: 3.11.2-6+deb12u3]
  • librte-eal23/stable 22.11.6-1~deb12u1 amd64 [upgradable from: 22.11.5-1~deb12u1]
  • librte-ethdev23/stable 22.11.6-1~deb12u1 amd64 [upgradable from: 22.11.5-1~deb12u1]
  • librte-kvargs23/stable 22.11.6-1~deb12u1 amd64 [upgradable from: 22.11.5-1~deb12u1]
  • librte-mbuf23/stable 22.11.6-1~deb12u1 amd64 [upgradable from: 22.11.5-1~deb12u1]
  • librte-mempool23/stable 22.11.6-1~deb12u1 amd64 [upgradable from: 22.11.5-1~deb12u1]
  • librte-meter23/stable 22.11.6-1~deb12u1 amd64 [upgradable from: 22.11.5-1~deb12u1]
  • librte-net23/stable 22.11.6-1~deb12u1 amd64 [upgradable from: 22.11.5-1~deb12u1]
  • librte-ring23/stable 22.11.6-1~deb12u1 amd64 [upgradable from: 22.11.5-1~deb12u1]
  • librte-telemetry23/stable 22.11.6-1~deb12u1 amd64 [upgradable from: 22.11.5-1~deb12u1]
  • libsmartcols1/stable 2.38.1-5+deb12u2 amd64 [upgradable from: 2.38.1-5+deb12u1]
  • libsqlite3-0/stable 3.40.1-2+deb12u1 amd64 [upgradable from: 3.40.1-2]
  • libssl3/stable 3.0.15-1~deb12u1 amd64 [upgradable from: 3.0.14-1~deb12u2]
  • libssl-dev/stable 3.0.15-1~deb12u1 amd64 [upgradable from: 3.0.14-1~deb12u2]
  • libsystemd0/stable 252.31-1~deb12u1 amd64 [upgradable from: 252.30-1~deb12u2]
  • libsystemd-dev/stable 252.31-1~deb12u1 amd64 [upgradable from: 252.30-1~deb12u2]
  • libsystemd-shared/stable 252.31-1~deb12u1 amd64 [upgradable from: 252.30-1~deb12u2]
  • libudev1/stable 252.31-1~deb12u1 amd64 [upgradable from: 252.30-1~deb12u2]
  • libudev-dev/stable 252.31-1~deb12u1 amd64 [upgradable from: 252.30-1~deb12u2]
  • libuuid1/stable 2.38.1-5+deb12u2 amd64 [upgradable from: 2.38.1-5+deb12u1]
  • libvirt0/stable 9.0.0-4+deb12u2 amd64 [upgradable from: 9.0.0-4+deb12u1]
  • libvirt-l10n/stable 9.0.0-4+deb12u2 all [upgradable from: 9.0.0-4+deb12u1]
  • linux-compiler-gcc-12-x86/stable 6.1.115-1 amd64 [upgradable from: 6.1.112-1]
  • linux-headers-amd64/stable 6.1.115-1 amd64 [upgradable from: 6.1.112-1]
  • linux-image-amd64/stable 6.1.115-1 amd64 [upgradable from: 6.1.112-1]
  • linux-kbuild-6.1/stable 6.1.115-1 amd64 [upgradable from: 6.1.112-1]
  • linux-libc-dev/stable 6.1.115-1 amd64 [upgradable from: 6.1.112-1]
  • locales/stable 2.36-9+deb12u9 all [upgradable from: 2.36-9+deb12u8]
  • mount/stable 2.38.1-5+deb12u2 amd64 [upgradable from: 2.38.1-5+deb12u1]
  • openssl/stable 3.0.15-1~deb12u1 amd64 [upgradable from: 3.0.14-1~deb12u2]
  • puppetserver/stable 7.9.5-2+deb12u1 all [upgradable from: 7.9.5-2]
  • python3.11-minimal/stable 3.11.2-6+deb12u4 amd64 [upgradable from: 3.11.2-6+deb12u3]
  • python3.11/stable 3.11.2-6+deb12u4 amd64 [upgradable from: 3.11.2-6+deb12u3]
  • python3.11-venv/stable 3.11.2-6+deb12u4 amd64 [upgradable from: 3.11.2-6+deb12u3]
  • python3-cryptography/stable 38.0.4-3+deb12u1 amd64 [upgradable from: 38.0.4-3]
  • sqlite3/stable 3.40.1-2+deb12u1 amd64 [upgradable from: 3.40.1-2]
  • systemd/stable 252.31-1~deb12u1 amd64 [upgradable from: 252.30-1~deb12u2]
  • systemd-sysv/stable 252.31-1~deb12u1 amd64 [upgradable from: 252.30-1~deb12u2]
  • systemd-timesyncd/stable 252.31-1~deb12u1 amd64 [upgradable from: 252.30-1~deb12u2]
  • udev/stable 252.31-1~deb12u1 amd64 [upgradable from: 252.30-1~deb12u2]
  • util-linux-extra/stable 2.38.1-5+deb12u2 amd64 [upgradable from: 2.38.1-5+deb12u1]
  • util-linux/stable 2.38.1-5+deb12u2 amd64 [upgradable from: 2.38.1-5+deb12u1]
  • uuid-dev/stable 2.38.1-5+deb12u2 amd64 [upgradable from: 2.38.1-5+deb12u1]

v8:

  • blackfire/any 2:2.28.18 amd64 [upgradable from: 2:2.28.17]

Start maintenance window: 18/11/2024 23:00
Stop maintenance window: 19/11/2024 02:00

Mailcow 2024-11a

We will update Mailcow to version 2024-11a.

Start maintenance window: 18/11/2024 23:00
Stop maintenance window: 19/11/2024 02:00

Past Incidents

Monday 29th January 2024

Nextcloud 27.1.6, scheduled 9 months ago

We will update Nextcloud to version 27.1.6.

Start maintenance window: 29/01/2024 23:00
Stop maintenance window: 30/01/2024 02:00

Collabora 23.05.7.5.1, scheduled 9 months ago

We will update Collabora to version 23.05.7.5.1.

Start maintenance window: 29/01/2024 23:00
Stop maintenance window: 30/01/2024 02:00

Managed Server Version 9: Debian Updates, scheduled 9 months ago

We will update the following packages to the latest version.

  • docker-ce/bookworm 5:25.0.1-1~debian.12~bookworm amd64 [upgradable from: 5:25.0.0-1~debian.12~bookworm]
  • docker-ce-cli/bookworm 5:25.0.1-1~debian.12~bookworm amd64 [upgradable from: 5:25.0.0-1~debian.12~bookworm]
  • docker-ce-rootless-extras/bookworm 5:25.0.1-1~debian.12~bookworm amd64 [upgradable from: 5:25.0.0-1~debian.12~bookworm]
  • docker-compose-plugin/bookworm 2.24.2-1~debian.12~bookworm amd64 [upgradable from: 2.24.1-1~debian.12~bookworm]

Start maintenance window: 29/01/2024 23:00
Stop maintenance window: 30/01/2024 02:00

MongoDB 4.4.28, scheduled 9 months ago

We will update MongoDB to version 4.4.28.

Start maintenance window: 29/01/2024 23:00
Stop maintenance window: 30/01/2024 02:00

Kibana 8.12.0, scheduled 9 months ago

We will update Kibana to version 8.12.0.

Start maintenance window: 29/01/2024 23:00
Stop maintenance window: 30/01/2024 02:00

Elasticsearch 8.12.0, scheduled 9 months ago

We will update Elasticsearch to version 8.12.0.

Start maintenance window: 29/01/2024 23:00
Stop maintenance window: 30/01/2024 02:00

Mailcow 2024-01b, scheduled 9 months ago

We will update Mailcow to version 2024-01b.

Start maintenance window: 29/01/2024 23:00
Stop maintenance window: 30/01/2024 02:00

Friday 26th January 2024

GitLab 16.7.4, scheduled 9 months ago

We will update GitLab to version 16.7.4

Start maintenance window: 26/01/2024 00:00
Stop maintenance window: 26/01/2024 02:00

Thursday 25th January 2024

No incidents reported

Wednesday 24th January 2024

Managed Server Version 8: Debian Updates, scheduled 9 months ago

We will update the following packages to the latest version.

  • openjdk-11-jre-headless/oldstable-security 11.0.22+7-1~deb11u1 amd64 [upgradable from: 11.0.21+9-1~deb11u1]
  • openjdk-11-jre/oldstable-security 11.0.22+7-1~deb11u1 amd64 [upgradable from: 11.0.21+9-1~deb11u1]

Start maintenance window: 24/01/2024 23:00
Stop maintenance window: 25/01/2024 02:00

Tuesday 23rd January 2024

No incidents reported

Monday 22nd January 2024

Sentry 24.1.0, scheduled 9 months ago

We will update Sentry to version 24.1.0.

Start maintenance window: 22/01/2024 23:00
Stop maintenance window: 23/01/2024 01:00

Roundcube 1.6.6, scheduled 9 months ago

We will update Roundcube to version 1.6.6.

Start maintenance window: 22/01/2024 23:00
Stop maintenance window: 23/01/2024 01:00

Managed Server Version 8: Postfix Configuration: Forbid Bare Newlines to Prevent SMTP Smuggling

To deliver mails sent locally through sendmail or SMTP, our web servers do use a local Postfix installation each. This is used to deliver mails sent through web applications running on those servers. Under certain circumstances, it might be possible to inject a second email into the delivery process (details) through an application, for example by using a tailored message within an unsecured contact form.

Therefore, we changed the configuration to forbid bare newlines to close this loophole under all circumstances. Standard SMTP implementations will not be affected, so we do not expect any drawbacks. Nevertheless, should you run into a problem with your application, please contact us to decide the proper proceedings.

Reference #1480

Managed Server Version 9: Postfix Configuration: Forbid Bare Newlines to Prevent SMTP Smuggling

To deliver mails sent locally through sendmail or SMTP, our web servers do use a local Postfix installation each. This is used to deliver mails sent through web applications running on those servers. Under certain circumstances, it might be possible to inject a second email into the delivery process (details) through an application, for example by using a tailored message within an unsecured contact form.

Therefore, we changed the configuration to forbid bare newlines to close this loophole under all circumstances. Standard SMTP implementations will not be affected, so we do not expect any drawbacks. Nevertheless, should you run into a problem with your application, please contact us to decide the proper proceedings.

Reference #1480

Sunday 21st January 2024

No incidents reported

Saturday 20th January 2024

No incidents reported