Dear Bahmni Community,
We are pleased to announce the patch release of Bahmni Standard v1.0.1 and Bahmni Lite v1.0.1, incorporating the latest security fixes from OpenMRS to enhance system security and stability.
Key Updates in This Release:
This patch includes the latest security updates to address vulnerabilities identified during recent penetration testing of OpenMRS. As part of this release, Bahmni now runs on:
- Upgraded OpenMRS Core: v2.5.14
- Updated Modules with Security Patches:
Why does this release matter:
- Critical Security Fixes: Ensures protection against vulnerabilities such as broken access control, phishing risks, and stored XSS.
- Stability Improvements: Brings in fixes and enhancements for improved system performance.
- Alignment with OpenMRS Security Recommendations: Ensures Bahmni stays in sync with the latest security advisories from OpenMRS.
Docker Images for Deployment:
The latest versions are available as Docker images for quick deployment:
- For implementations running with Bahmni Lite v1.0.0:
- bahmni/openmrs docker image released with tag 1.0.1
- For implementations running with Bahmni Standard v1.0.0:
- bahmni/openmrs docker image released with tag 1.1.2
What You Need to Do:
Prerequisites
- Install stable version of Git
- Install latest stable versions of docker & docker compose in your machine (based on your respective OS).
Fresh Installations:
Refer this Wiki Page for Running Bahmni on Docker for detailed instructions.
Upgradation steps for existing implementations:
-
Before proceeding with the upgrade, ensure you take a complete backup of your implementation data to prevent any data loss.
-
Update the image tag configuration for OpenMRS Service
For Bahmni Lite Implementations:
Take a pull of bahmni-docker repository and checkout to v1.0.1-lite tag
git pull --rebase --tags git checkout tags/v1.0.1-lite(or)
Update the .env file of your implementation for the OPENMRS_IMAGE_TAG to point to 1.0.1
For Bahmni Standard Implementations:
Take a pull of bahmni-docker repository and checkout to v1.0.1-standard tag
git pull --rebase --tags git checkout tags/v1.0.1-standard(or)
Update the .env file of your implementation for the OPENMRS_IMAGE_TAG to point to 1.1.2
These changes can also be referred from this PR on bahmni-docker repository.
-
Pull the Latest Docker Images
Run the following command to pull the updated Docker images:
docker compose --env-file .env pull -
Restart Services
Restart the OpenMRS service to apply the updates:
docker compose --env-file .env up -d openmrs
Note: If your local setup is using the latest tag, follow Steps 3 and 4 to pull the latest image and update your services accordingly.
Upgrade Recommendations:
We strongly recommend all Bahmni Standard (v1.0.0 users) and Bahmni Lite (v1.0.0 users) upgrade to these patched versions at the earliest convenience to benefit from the latest security improvements.
For further details, please refer to the official OpenMRS release notes or the OpenMRS Security Advisory, January 2025.
If you have any questions or require assistance with the upgrade, feel free to reach out to the Bahmni team via the community forums.
Thank you for your continued support and contributions to making Bahmni a secure and robust solution.
@arjun @mksrom @ramashish @shivarachakonda @binduak @swetha184 @laxman @anandpatel @snehabagri @sushilp @sushmit @vmalini @dipakthapa @ramashish @mddubey @rrameshbtech @mddubey @iadksd @mwelazek @michaelbontyes @buvaneswariarun @sanjayap @florianrappl @apaule @mwelazek @tejakancherla @rabbott @gsluthra @wolf @mdg583 @akhilmalhotra @n0man @swatigogia @mohant @sanofersameera @soorya @deepthi @rohit.yawalkar @venu @atish1603 @grace @abhinab @binduak @mohant @sivareddy @gsluthra @akanter @gokul @rahu1ramesh @parvathybabu @satyar91 @sweety @keerthana @riya18
