记录一下CentOS 8 升级 Gitlab 13.8.8 -> 14.9.5 以解决 Gitlab graphql 敏感信息泄漏漏洞(CVE-2021-4191)
嘀嘀嘀
我原来的 Gitlab 版本 13.8.8,系统版本 CentOS 8
1、确认一下版本吧
# 系统版本 cat /proc/version #Gitlab 版本 cat /opt/gitlab/embedded/service/gitlab-rails/VERSION
2、确认升级路线
13.8.8 -> 13.12.15 -> 14.0.12 -> 14.3.6 -> 14.9.5
官方说明:
https://docs.gitlab.com/ee/update/
3、下载对应系统的 Gitlab
# CentOS 7
wget --content-disposition https://packages.gitlab.com/gitlab/gitlab-ce/packages/el/7/gitlab-ce-13.12.15-ce.0.el7.x86_64.rpm/download.rpm
wget --content-disposition https://packages.gitlab.com/gitlab/gitlab-ce/packages/el/7/gitlab-ce-14.0.12-ce.0.el7.x86_64.rpm/download.rpm
wget --content-disposition https://packages.gitlab.com/gitlab/gitlab-ce/packages/el/7/gitlab-ce-14.3.6-ce.0.el7.x86_64.rpm/download.rpm
wget --content-disposition https://packages.gitlab.com/gitlab/gitlab-ce/packages/el/7/gitlab-ce-14.9.5-ce.0.el7.x86_64.rpm/download.rpm
# CentOS 8
wget --content-disposition https://packages.gitlab.com/gitlab/gitlab-ce/packages/el/8/gitlab-ce-13.12.15-ce.0.el8.x86_64.rpm/download.rpm
wget --content-disposition https://packages.gitlab.com/gitlab/gitlab-ce/packages/el/8/gitlab-ce-14.0.12-ce.0.el8.x86_64.rpm/download.rpm
wget --content-disposition https://packages.gitlab.com/gitlab/gitlab-ce/packages/el/8/gitlab-ce-14.3.6-ce.0.el8.x86_64.rpm/download.rpm
wget --content-disposition https://packages.gitlab.com/gitlab/gitlab-ce/packages/el/8/gitlab-ce-14.9.5-ce.0.el8.x86_64.rpm/download.rpm
有啥区别?哈哈
官方地址在这里了
https://packages.gitlab.com/app/gitlab/gitlab-ce/search?q=&filter=rpms&filter=rpms&dist=el%2F8
4、关闭 Gitlab 服务
sudo gitlab-ctl stop unicorn [停止工作线程] sudo gitlab-ctl stop sidekiq [停止数据库] sudo gitlab-ctl stop nginx [停止nginx]
5、顺序安装版本
sudo rpm -Uvh gitlab-ce-13.12.15-ce.0.el8.x86_64.rpm
6、重新配置并启动 Gitlab
sudo gitlab-ctl reconfigure sudo gitlab-rake gitlab:check SANITIZE=true [检查配置文件的正确性] sudo gitlab-ctl restart
重复第一步,确认 Gitlab 版本
再重复 4、5、6步升级到最终版本就 Ok 了
