With Deadline being in maintenance mode, are users essentially on their own when it comes to working around the MongoBleed exploit? Or will an official patched version be released at some point?
1 Like
This was one of my fears, think manually updating Mongo breaks something.
Hello! We’ll be updating the version of MongoDB that ships with Deadline to resolve the MongoBleed vulnerability.
In the meantime, you should be able to upgrade from 6.0.16 to 6.0.27 yourself, here’s how I’d do it:
1: Make a backup of your DeadlineDatabase folder
2. Install MongoDB 6.0.27 using the Manual Database installation steps
3. Stop the DeadlineDatabase system service after confirming the database is accessible
4. Use the DeadlineDatabase10\mongo\data folder from your backup to replace the one in the new installation.
5. Delete any .lock files in the data folder.
6. Start the DeadlineDatabase service.
3 Likes
Good to hear; thanks Justin!
1 Like
I’ve been just stopping the service and replacing the binaries which seems to work fine, but now 10.4.2.3 is released with Mongo update
1 Like