Update Xibo CMS 2x to 3x

Dear community,

I have been a satisfied customer of Xibo CMS (local installation) for several years. Currently, I am running version 2.3.17 (Xibo for Docker) and I am considering upgrading to the latest version, 3.3.5. Do you foresee any issues with performing the update directly through the CMS, such as potential incompatibility with the screen players or any other problems?

From a security perspective, is this update necessary due to a known security vulnerability? Will version 2.3.17 continue to be supported in the future? Is there a planned End of Life for this version?

Furthermore, I am considering migrating to the Xibo Cloud. Would it be possible to migrate smoothly from version 2.3.17 to the Cloud, and how would that process work?

Thank you for your assistance!

Chris Specter

Hi specter, welcome to the community!

I’m glad to hear that you’re satisfied with Xibo signage, thank you for sharing that. I will answer each of the questions you raise in order.

I am considering upgrading to the latest version, 3.3.5. Do you foresee any issues with performing the update directly through the CMS, such as potential incompatibility with the screen players or any other problems?

Upgrading to version 3.3.5 is a good idea. I don’t foresee any issues with doing that. We always recommend making a backup of your database and media library before you proceed with the upgrade, just in case an issue occurs during the upgrade process and you need to return to 2.3.17.
.
There should not be a compatibility issue with your current players when you upgrade your CMS, however you should upgrade your players to version 3 once the CMS upgrade is complete. Older player versions will not understand the new functionality in version 3, so it is best to upgrade to ensure player compatibility.
Please note that version 3 Windows players are not backwards compatible so be sure to upgrade those players only after you know the upgrade was successful.

From a security perspective, is this update necessary due to a known security vulnerability? Will version 2.3.17 continue to be supported in the future? Is there a planned End of Life for this version?

The security issues you refer to are likely the ones in this blog post, in case any other users read this but are unaware of this blog post.
The fixes are included in 2.3.17 and 3.3.5, so you are currently protected from those vulnerabilities if you are using 2.3.17 already.
Version 2.3 is currently supported for maintenance/security upgrades only. 3.3 is the current stable release, with maintenance upgrades also planned for this version. Please note that version 4 is in development and so will become the current/stable release in the near future. This will likely effect whether 2.3 continues to be supported.
This link is the best way to keep up with what is currently supported, as well as the Xibo blog.

In short, 2.3 is expected to be end of life in the near future, however a date has not been set yet. With this in mind it would be recommended to upgrade to version 3.3. Plus you will have access to all sorts of new features added to version 3, including interactive signage support, more scheduling functionality and a lot more.

Furthermore, I am considering migrating to the Xibo Cloud. Would it be possible to migrate smoothly from version 2.3.17 to the Cloud, and how would that process work?

When migrating to Xibo cloud, we can arrange for your database and media library to be transferred to your cloud instance. Xibo cloud also includes help desk support and automated CMS upgrades, to simplify the process for you. For more information about migrating it would be best to speak to a member of the sales team on the help desk.

If you decide to continue hosting on your local installation, please see our CMS upgrade documentation for Docker for more information on how to upgrade.
Please be aware that if you decide to modify the YML file you are using for your CMS that you will need to be aware of the change to the XMS and CMS image locations. These were changed from 3.3.4 onwards, so simply changing the version number in your YML will not work.
The new image names for xibo-xmr and xibo-cms are:

ghcr.io/xibosignage/xibo-xmr:0.9
ghcr.io/xibosignage/xibo-cms:release-3.3.5

All the best with the upgrades if you stay locally hosted. If you run into any issues upgrading your CMS please create a new community post, there are a lot of very skilled and experienced members of the community who will be able to help you.

Please excuse the long reply, I hope it’s clear and answers all of your questions.

Many Thanks.

Hi DanBW,

Thank you very much for your detailed response. I appreciate it.

Your answers are great and have been very helpful to me.

The offer regarding the Xibo Cloud is also intriguing. However, I still have a few small questions about it. I hope it’s okay if I ask them here in this post.

We use Xibo in the EU, where the General Data Protection Regulation (GDPR) applies (in the EU, it’s called the DSGVO). Where are the Xibo Cloud servers located, and do you have certificates confirming that your Cloud is GDPR/DSGVO compliant? I couldn’t find much information about this on your website.

Another question: When we upload content to the Cloud, how is that process protected? Is it done through a secure SSL connection? How are the databases in the Cloud secured? Are there any other protective measures in place?

If there is a detailed product datasheet for your Xibo Cloud, I would also like to read it if you could let me know where I can find it.

Thank you for this exceptionally good support!

Best regards,
Chris

Hi Chris/specter,

First of all, thank you for the positive feedback. I’m glad the support you have received has been satisfactory. :slightly_smiling_face:

I can confirm that the Xibo cloud servers are located in Singapore, London, Germany, New York and Sydney. You can choose which of those servers you want to be hosted on.

Regarding your GDPR/DSGVO and cloud security questions, it would be best for you to open a ticket so we can pass on our security document and so the network team can confirm any further details you may need to know.
The second reason I recommend this is because security policies, standards and documents can change frequently, and I wouldn’t want any community members reading this in the future to have out of date information/links.
The sales team will also have access to the relevant documents and details about the cloud product.

Many Thanks.

Hi Dan,

Thank you once again for your response.

The tip to contact the team to obtain the latest security information was excellent. I have received all the data I needed.

Best regards and have a great day,

Chris

1 Like

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.