View All Products
Compute
Storage
Networking
Databases
Services
Developer Tools
Industries
Pricing
Community
Engage With Us
Community Questions Security Updates only on my Gitlab Server on Linode
Log in to Ask a Question

Security Updates only on my Gitlab Server on Linode

I am looking to do a update on my ubuntu 16.04 gitlab-ce 11.3.0-ce.0. Can anyone tell me how safe is it? I have taken a backup using gitlab-rake.

Also I just want to do security updates only for now. So do I just use security repo on /etc/apt/soouces.list commenting everything else? How do I disable /etc/apt/sources.list.d/ repos.

1 Reply

Linode Staff

Hello @outlines -

Taking a backup using gitlab-rake is always a great thing to do if you have any concerns about safely updating your gitlab-ce version.

As far as how safe it is: it looks like Gitlab 11.6 is the latest stable Gitlab release. Gitlab has some very helpful upgrade recommendations on their website. Specifically:

It is considered safe to jump between patch versions and minor versions within one major version. For example, it is safe to:

Upgrade the patch version:
8.9.0 -> 8.9.7
8.9.0 -> 8.9.1
8.9.2 -> 8.9.6

Upgrade the minor version:
8.9.4 -> 8.12.3
9.2.3 -> 9.5.5

In your case, you would be upgrading the minor version, from 11.3.0 to 11.6.0.

If you were upgrading the major version (for example) from 8.13.4 to 11.3.4, then they do recommmend the following:

[F]irst upgrade to the latest available version within your major version. By doing this, you can address any deprecation messages that could possibly change behaviour in the next major release.

As for just doing the security updates for now, in looking at Gitlab's website, I don't see that they offer a way to do security related updates only. Instead, they point you to this page:

https://about.gitlab.com/2019/01/16/critical-security-release-gitlab-11-dot-6-dot-4-released/

Which directs you to this page to update to the latest version of Gitlab:

https://about.gitlab.com/update/

In other words, it looks like the general updates go hand-in-hand with the security updates. Because of this I wouldn't feel comfortable recommending that you comment out the non-security related updates in your /etc/apt/sources.list, since I'm not sure whether some of the security updates might be dependent on some non-security related updates.

I would say the same thing about your other question ("How do I disable /etc/apt/sources.list.d/ repos") since I wasn't able to find anything on Gitlab's website about whether this is recommended or not.

With that said, since you have made a backup, you could try commenting out the non-security related updates to see what happens, though I would not recommend this.

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Log in to Reply
Community Code of Conduct