v14.2 Release Update #2 - 25 more apps, new OpenStack, OVA & VMDK

What!?! Another month (actually a month and a half) has gone by and we're only just announcing the next batch?! Well, I better get on with it then!

Today I'm announcing 25 more appliances updated to v14.2. I'm also pleased to (finally) announce that the new improved v14.2 OpenStack builds are available for all v14.2 appliances. The v14.2 OVA and VMDK builds have also been refactored and previous v14.2 builds re-released.

As per always, the updated appliances (inc new OpenStack, OVA & VMDK) can be downloaded and/or launched on AWS from the Hub via their respective appliance pages. The 25 new ones are linked below, links to the others are in the previous release announcement. Alternatively all our images are available via our mirror network, many support rsync. Just look for 14.2!

25 (more) Updated Appliances

Straight to the point; the freshly updated appliances (in alphabetical order) are:

Tweaking the OVA manifest

For what it's worth, the delay was caused by issues with OVAs from the first batch. The problems were reported by John Youssef and pbt39ppc (here and here respectively).

The issues were introduced by our use of the latest version of VMware's OVFTool. The new OVFTool defaults to SHA256 checksums in the manifest file (inside the OVA). Older versions of VMware products aren't compatible with that, so it caused issues for some users.

I rebuilt some test images using only SHA1 checksums in the manifest, and some testers confirmed that resolved the primary issue. Whilst relatively weak checksums (i.e. SHA1) could be seen as a security concern, we believe that is mitigated by the signed hash file (which includes SHA256 & SHA512 checksums) which we provide for the OVA itself. So those that are security conscious (and you all should be!) can use that, with the included manifest file just there as a secondary corruption check.

Adjusting the OVF OS type

However, another new issue popped up. It seems that the updated OVFTool is also better at working out the underlying OS. So for the v14.2 update, the internal OVF file (inside the OVA) included some more specific OS info. Namely that TurnKey is "Debian 8 64 bit".

On face value that seemed pretty cool. I loved it during testing when my VBox test VM had the Debian logo as it's icon! Unfortunately again though, older versions of VMware products do not recognise "Debian 8 64 bit" as a valid OS. So that too has been reverted to our previous v14.x release default. I.e. "Other OS 64 bit".

Refactoring the VM builds

While I was digging around inside the code, I noticed that our VM builds (both OVA and VMDK) were actually still using a separate /boot partition (outside the LVM). That is no longer needed as grub2 can boot into LVM. We actually removed the separate boot partition from the ISO builds for v14.2 already. So it seemed appropriate for the VM build to be consistent.

Extra special thanks to John Youssef and pbt39ppc for reporting the initial issue, as well as following up testing and feedback. Your help was invaluable to confirming and resolving the issues. Once again, the TurnKey community comes through with the goods! :)

OpenStack... finaly!

I'm so glad that we've finally caught up on v14.2 OpenStack builds. Tomas Vondra and Home at Cloud have been so patient. He contributed the code ages ago and it's only now accessible to the general public. Thanks again Tomas and your employer Home at Cloud for the great work.

As noted above, they are available from the relevant appliance pages. Please be aware that only the v14.2 builds (version noted on each appliance page, or use the links on this page and the previous release blog) are in this new and improved format. The others are coming as fast as we can! :)

Give us your feedback

Please try them out and let us know what you think. We're especially interested in bug reports, suggested improvements (big and small) and any other constructive criticism you have for us. Please post in the comments below, or start a new thread in the forums. Bug reports and feature requests can be lodged directly to our issue tracker.

And last, but certainly not least; thanks to the community for all you do about the place. You rock!


John Carver's picture

@Jeremy, Thanks for all the work you're putting in to the 14.2 version.

I thought I would announce here a new appliance candidate for OpenVAS. OpenVAS is an open-source vulnerability scanner and manager. It is a fork of the last open-source release of Nessus and is now maintained and updated by Greenbone Networks. With the recent news about WannaCry and Petya (GoldenEye), I felt it was time to complete this project which I started about two years ago.

The TKLdev project can be found at https://github.com/Dude4Linux/openvas and I've uploaded an ISO to Turnkey Linux Community Downloads on Sourceforge. https://sourceforge.net/projects/turnkeylinuxcom/files/turnkey-openvas/t...

Information about OpenVAS can be found at http://www.openvas.org/

If anyone is interested in giving it a try, I'd like to hear your feedback.

Information is free, knowledge is acquired, but wisdom is earned.

Jeremy Davis's picture

OpenVAS looks like a fantastic appliance. I can't guarantee a firm timeframe, but be assured I'll try to squeeze it in as soon as I can.

As per always, thanks so much for all you do around here! You're a living legend! :)


Add new comment