Users of on-premise installations of wire-server can enable SAML SSO for a team by manually editing values.yaml in `/usr/local/bin/wire-server` and setting teamEnabled to true in the override. To update wire-server on-premise, run the following commands: 1. Update the wire-server Docker image: $ docker pull wire-server/wire-server 2. Clone the updated wire-server Docker image: $ docker pull wire-server/wire-server 3. Run the updated wire-server: $ docker run -it --rm --network host wire-server 4. Copy the updated values.yaml from /usr/local/bin/wire-server to /usr/local/bin/wire-server.old and make sure to keep a backup. 5. Run the following command to update the wire-server Docker image: $ docker pull wire-server/wire-server 6. Run the following command to update the wire-server Docker image: $ docker commit -m "Upgrade wire-server to vVERSION> " wire-server wire-server/wire-server 7. Run the following command to update the wire-server Docker image: $ docker push wire-server/wire-server
CVE-2021-4141
Wire-server v1.15.0 was released on October 17, 2018. There is a vulnerability in the wire-server Docker image that allows an attacker to execute a malicious payload. This can be exploited by creating a new wire-server container from the wire-server Docker image and running the malicious payload by specifying it's host name or IP address in the volume mount config for that file.
In the event an attacker successfully exploits this vulnerability, they would be able to run arbitrary code with root privileges. This update addresses this issue by removing the hostname/ip entry from volume mount config file where
STEP 2: Install Wire Pro SDK
And Configure Wire Server
Install wire-server on your local machine
First, install wire-server on your local machine. The Docker image is available on docker hub and can be pulled with the following command: $ docker pull wire-server/wire-server
SAML SSO and Wire-Server
SAML SSO is used to provide a single sign-on (SSO) capability for applications running on an on-premise installation of wire-server. SAML SSO is particularly useful for applications that are not running in the cloud, such as legacy applications. The SAML SSO service can be enabled by manually editing values.yaml in `/usr/local/bin/wire-server` and setting teamEnabled to true in the override.
To update wire-server on-premise, run the following commands:
1. Update the wire-server Docker image: $ docker pull wire-server/wire-server 2. Clone the updated wire-server Docker image: $ docker pull wire-server/wire-server 3. Run the updated wire-Server: $ docker run -it --rm --network host wire-server 4. Copy the updated values.yaml from /usr/local/bin/wire-server to /usr/local/bin/wire-server.old and make sure to keep a backup. 5. Run the following command to update the wire-server Docker image: $ docker pull wire-server/wire-server 6. Run the following command to update the wire-Server Docker image: $ docker commit -m "Upgrade Wire Server To vVERSION> " -f wireserver wireserver/wireserver 7. Run the following command to update the Wire Server docker image: $ docker push wireserver
On-premise installation of wire-server
The on-premise installation of wire-server can be upgraded by manually editing values.yaml in `/usr/local/bin/wire-server` and setting teamEnabled to true in the override. To update wire-server on-premise, run the following commands: 1. Update the wire-server Docker image: $ docker pull wire-server/wire-server 2. Clone the updated wire-server Docker image: $ docker pull wire-server/wire-server 3. Run the updated wire-Server: $ docker run -it --rm --network host wire-server 4. Copy the updated values.yaml from /usr/local/bin/wire-server to /usr/local/bin/wire-server.old and make sure to keep a backup. 5. Run the following command to update the wire-Server Docker image: $ docker pull wire-server/wire-server 6. Run the following command to update the wire-Server Docker image: $ docker commit -m "Upgrade wire server to vVERSION> " --change="teamEnabled=true" -i wireserver wireserver/wireserver 7. Run the following command to update the wire Server Docker image: $ docker push wireserver
Timeline
Published on: 10/18/2022 10:15:00 UTC
Last modified on: 10/20/2022 15:38:00 UTC