search

getumbrel / umbrel

A beautiful home server OS for self-hosting with an app store. Buy a pre-built Umbrel Home with umbrelOS, or install on a Raspberry Pi or any x86 system.
https://umbrel.com
Other
6.87k stars 508 forks source link

Tailscale Security Update #1831

Closed Jack1424 closed 1 month ago

Jack1424 commented 1 month ago

Tailscale released a critical security update (v1.66.0) last week, but the latest version available from the Umbrel app store is still v1.62.1 (released almost 2 months ago).

The vulnerability that v1.66.0 fixes (TS-2024-005) is quite major, and it affects any devices being used as exit nodes, subnet routers, or app connectors, which are probably popular uses for anyone running Tailscale on UmbrelOS.

It seems like the Umbrel team manually adds Tailscale updates to the Umbrel app store. Is there any way to automate these updates so we can access critical security and feature updates without opening an issue or PR? Tailscale's built-in auto-update feature does not seem to work on UmbrelOS.

highghlow commented 1 month ago

I don't know if it's possible to automate, but I've started working on this.

highghlow commented 1 month ago

Awaiting merge