TurnKey Linux Virtual Appliance Library
Low-traffic Security and News Announcements: up to one email a month (usually less). Leave this checked if you subscribed your email address to the newsletter before creating a user account.

v14.0 stable release - Massive Community Effort

The wait is over: TurnKey v14.0 is now available.

  • massive community involvement; biggest ever
  • Debian Jessie (8.2) based
  • appliances refreshed with the latest upstream software versions

New features include:

  • new lightweight DB management tool (Adminer)
  • hardened default SSL/TLS config
  • security & system email alerts

New appliances include:

TurnKey v14.0 RC1 based on Debian 8 ready for testing & development

Ahoy free software mateys! Debian 8 AKA Jessie came out last month and we've been super busy working on version 14 of the TurnKey GNU/Linux library of apps which will be based on it. We're working hard to make this release kick ass, but we're a small crew so every bit of help we get from the community really puts in the wind in our sails!

With that in mind, we've created release candidates for two basic building blocks:

CVE-2014-0235 GHOST: reboot or restart services

A remotely exploitable, 14 year old bug in glibc has reared its ugly head: CVE-2014-0235

Security updates have been pushed out automatically, courtesy of Debian to TurnKey 13 installations. TurnKey 12 installations that have enabled Squeeze LTS support have also received an update.

The catch is that running services need to be restarted for the security update to take effect.

Read more:


SSH security issue, new apps, BitKey for Bitcoin, an epiphany on values and other stories

Round of announcements:

  1. Security update regenerates stale SSH ECDSA host key

    Thanks to Peter Lieven from KAMP.de for discovering a stale ECDSA host key which was leftover from the build process. We've issued a security update to regenerate it automatically within the next 24 hours:


  2. We have 16 new apps lined up for the upcoming 13.1 release: