Upgrading indigo iam with deployment from packages
Closed this issue · 2 comments
Hi
After discovering the XSS vulnerability, I aimed to upgrade our indigo iam instance running on rocky linux 8. I referred to the documentation for the recommended procedure, which involved stopping the service and performing a yum update. However, I noticed that no updates were available.
Furthermore, upon verification, I found that the currently deployed package version of indigo iam is 1.8.0, which is considerably outdated (September 2022) and not the most recent release.
I would like to know if this is expected behavior and what steps I should take to update an indigo iam instance deployed with packages to the latest version.
Thank you in advance.
Gautier
Hello,
we have just produced the RPMs of IAM v1.8.1p1 and v1.8.2p1, so yum update should work as expected now.
We were not aware that there is still some deployment using RPMs rather than docker images.
We are now curious about your deployment and needs; could you please contact us at iam-support@lists.infn.it?
Closing as we have produced the new RPMs for iam-login-service (available here).