binhex

you sure about that? so in advanced view for the container in 'extra parameters' you have the following defined?:- --sysctl="net.ipv4.conf.all.src_valid_mark=1"

this is a github repository that has been put into read only mode, basically its not not supported or maintained. a tagged image refers to somebody specifying the version they want via the docker tag, read Q5 for how this works:- https://github.com/binhex/documentation/blob/master/docker/faq/unraid.md

OK hopefully the last comment from me on xz as i believe we are sorted, if you want to confirm the package version installed to ensure its the patched version '5.6.1-2' (see https://security.archlinux.org/ASA-202403-1), then do the following:- open unraid webui and left click container and select 'Console' copy and paste the following command:- pacman -Q | grep 'xz' confirm the returned value is 'xz 5.6.1-2', if not please post here the image name so i can investigate. Note:- If you are using an archived image then this will not be patched, also if you are using a tagged image then again this will not be patched.

that log is useless, please do the following:- https://github.com/binhex/documentation/blob/master/docker/faq/help.md

there is no torrent creator for the webui version of qbittorrent, see this issue:- https://github.com/qbittorrent/qBittorrent/issues/5614

left click the container and click on the 'show more settings....' and it will reveal the path for /config, i would assume its pointing at your array, if you want it to use your cache drive then stop the container, move the files to the cache drive and then change the host path to point at the cache drive location where you moved the files to.

@uberchuckie issue was resolved, if you have the same issue then do the following:- https://forums.unraid.net/topic/44109-support-binhex-delugevpn/?do=findComment&comment=1400857

OK all images are now up to date, please perform a 'check for updates' and pull down any out of date images. Note:- I do not know what image you are using for your minecraft server but mineos-node has now been archived, so if you are using this image i would encourage you to switch to a maintained image such as crafty4 as this will NOT include the updated xz package. Be aware version 5.6.1-2 is the patched version, so if the version of xz is still showing v5.6.1 then this will be the patched release - see link for more details:- https://security.archlinux.org/ASA-202403-1

This is the issue, you need to talk to AirVPN about this if there is no newer certificate.

the 'network type' should be set to 'bridge' is this the case? the reason i ask is that in bridge mode you do not specify ports.

Yes, it looks like the diagnostics tool is grabbing the entire process name including all env vars defined for the container, the env vars will specify (amongst a lot of other things) the username and password for the vpn provider, i assume this would be true for any env vars for any container, not just this one. obfuscation of credentials is actually quite difficult to do in a robust manner, line wraps or other unexpected conditions can cause the credential to leak even if obfuscation is used.

The cert is auto generated as part of the startup process, i have just run from fresh and i can see the cert has a creation date of today and expires in 3 years, you could try stopping the container, then delete the /config/ssl folder and start the container, this should force a new cert to be created.

I'm currently on holiday, I shall take a look when I get back on Saturday Sent from my 22021211RG using Tapatalk

I'm waiting on the upstream update, if it doesn't happen by the end of this week then I shall have to compile it myself and include in the build Sent from my 22021211RG using Tapatalk

https://forums.unraid.net/topic/44108-support-binhex-general/?do=findComment&comment=1396797

This is probably as good as any place, so lets keep correspondence about the issue here.

Some of the image i have built MAY have the affected versions installed, i am currently running a build of the base image to perform the 'Resolution' (see link) and i will then kick off builds of subsequent images. For reference here is the ASA for Arch Linux (base os), pay attention to the 'Impact', also keep in mind unless there is code calling xz then xz will not be running and therefore the risk is reduced, however i am keen to get all images updated:- https://security.archlinux.org/ASA-202403-1 EDIT - Further investigation into the way xz interacts with the system, it looks like in order for the exploit to be used you would need to have systemd operational (not the case with any of my images) and OpenSSH installed (not the case with any of my images), so in my opinion the risk is low here, but as I mentioned above I am keen to get all images updated, so please be patient as this can take a while and its Easter time so my time is restricted.

That's your problem, this image is designed to work using the default 'bridge' if you want to use custom networks then you are on your own, sorry.

it will depend on how large your database is as to how long it will take, give it an hour, if it hasnt progressed then restart the container and hope for the best.

you should of left it to complete, if you shutdown the container part way through then you will bugger up your database. if you now do have a corrupt database (likely if you did the above) then follow Q4 and Q5:- https://github.com/binhex/documentation/blob/master/docker/faq/plex.md

2 things to check:- 1. go to unraid docker web ui, left click sonarr and select 'edit' then top right click on 'basic view' toggle to turn it on to 'advanced view', then check the 'repository' it should be set to 'binhex/arch-sonarr' if it has a colon and then some value then you are hard set to a particular tagged image, remove the colon and the value after it. 2. go to unraid docker web ui, click on top right click on 'basic view' toggle to turn it on to 'advanced view' then click on 'force update' link. this should sort you out, and to answer your question, no i would not expect an old CA plugin to block updates to docker images.

that is a very odd version! same as the other guy, i have never produced that version, or at least i have no image tagged with that version, the current latest version is Sonarr 4.0.2.1183:-

I have never released Sonarr version 3.0.4.1126. you sure about that?

ok so walk me through the steps you did in the web ui to make it error, also you are up to date right?, please ensure you have done a 'force update' edit - using cloudflare by any chance?

im using this image myself and search works with no issue, i can also add a series and see details about the new series, what am i missing here?