Rodger Greer's picture

I started using TurnKey Hub about a month ago. I manually upgraded the TKL appliance to MediaWiki 1.22 shortly after deploying and life was good. Yesterday the MediaWiki install stopped working, in spite of the fact that there had been no activity for the last few days. I suspect the failure was caused by a security update that was pushed out to my virtual appliance. Unfortunately, the update is to a much lower version of MediaWiki than I was using.

By turning off Semantic MediaWiki extensions, I could see that the version is now 1.19.16+dfsg-0+deb7u1, which is not compatible with my requirements. When I searched on the version string above, I found that yesterday there was a Debian Security Advisory (see, and 1.19.16+dfsg-0+deb7u1 is the fix...

I am pretty sure I can get the wiki running again by manually reinstalling a newer version again. I will upgrade to 1.23 while I am at it.

My question is: How do I prevent this from happening in the future? Seems that Debian is not in sync with the latest MediaWiki updates.




Jeremy Davis's picture

It sounds like the process that you used to update MediaWiki was not a good choice. It is not a good idea to upgrade software installed from package management by overwriting it with software from upstream. One of the reasons is one that you've discovered, but there are others...

So whilst you could manually remove the mediawiki package (apt-get remove mediawiki) and then install from upstream, I don't think that would be the best course of action. Personally I would recommend that if the version of MediaWiki included in the TKL Appliance is too old, then you would be better using the LAMP appliance and install MediaWiki from upstream to that.

Then migrate your data across. I suspect that initially it would be better to manually migrate the data. Once you have done that then TKLBAM will be fine for backups, but I think it might cause issues.

If you choose to persevere

Add new comment