This release fixes security vulnerabilities in Apollo versions 2.4.0 through 2.7.0. For more details on these vulnerabilities, please see https://www.cisa.gov/news-events/ics-advisories/icsa-25-063-07. It is critical that you update your Apollo 2.4.0 to 2.7.0 installations as soon as possible. While we are not aware of any active exploitation of these vulnerabilities, it is only a matter of time before publicly disclosed vulnerabilities are systematically exploited by hackers. Consequently, we strongly recommend applying the update to protect your systems.

If you are using Docker to deploy Apollo, there are two different images you can choose from. The gmod/apollo:release-2.8.0-alternate image will provide a drop-in replacement for your existing Docker image. This image, however, like past images, runs as the root user. If you would like the additional security of not running as a root user, you can use the gmod/apollo:release-2.8.0 image, which does not run as the root user, but will require you to update any mounted directories so they are accessible by a non-root user.

2.8.0

Bug Fixes

• Security fixes

Infrastructure Changes

• Upgrade to JBrowse 1.16.12

Full change long for all versions can be found here: https://github.com/GMOD/Apollo/blob/develop/ChangeLog.md

Docker builds are on docker hub: https://hub.docker.com/r/gmod/apollo

Please review the documentation pages for more details: http://genomearchitect.readthedocs.io/en/latest/

Note: You can find a guide to upgrading existing Apollo installations here: https://genomearchitect.readthedocs.io/en/latest/Migration.html

Report issues if found.
Active mailing list (apollo@lbl.gov) and google group.