Real time changelog for Porteus Kiosk Server


Each new system version (like e.g. 20151128) triggers an action to pull updated component from our update servers. After short downtime the system is ready to use with all security fixes, updates and new features merged into the ISO. Everthing is done automatically without any user action.

Porteus Kiosk Server version 20250420

  • Default system components:

  • - synced with master: #250420

  • 005-server:

  • - upgraded to sshfs-3.7.3-r2, tigervnc-1.15.0

    Porteus Kiosk Server version 20250330

  • Default system components:

  • - synced with master: #250330

    Porteus Kiosk Server version 20250302

  • Default system components:

  • - synced with master: #250302

    Porteus Kiosk Server version 20250119

  • Default system components:

  • - synced with master: #250119

  • 005-server:

  • - upgraded to fltk-1.3.8, readline-8.2_p13-r1

  • 006-virt:

  • - upgraded to libtirpc-1.3.6, virtualbox-guest-additions-7.0.20

    Porteus Kiosk Server version 20241222

  • Default system components:

  • - synced with master: #241222

    Porteus Kiosk Server version 20241124

  • Default system components:

  • - synced with master: #241124

    Porteus Kiosk Server version 20241020

  • Default system components:

  • - synced with master: #241020

  • 005-server:

  • - upgraded to readline-8.2_p13, bash-5.2_p37, cifs-utils-7.0-r1

  • 006-virt:

  • - upgraded to libtirpc-1.3.5

    Porteus Kiosk Server version 20240915

  • Default system components:

  • - synced with master: #240915

    Porteus Kiosk Server version 20240818

  • Default system components:

  • - synced with master: #240818

    Porteus Kiosk Server version 20240720

  • Default system components:

  • - synced with master: #240720

    Porteus Kiosk Server version 20240707


    This release fixes the SSH vulnerability which allows the attacker to execute the code remotely: (CVE-2024-6387). You are required to upgrade, please do it immediately. Please reboot your servers in order to receive the latest patches.


  • Default system components:

  • - synced with master: #240707

  • 005-server:

  • - server fix fixed a bug where 'Wake on LAN' function did not work after a PK Server reboot

    - upgraded to readline-8.2_p10, bash-5.2_p26-r6

    Porteus Kiosk Server version 20240616

  • Default system components:

  • - synced with master: #240616

  • 005-server:

  • - server fix updated description of 'Administration Panel -> Actions -> Update homepage' action to better explain that it should be used only for a temporary homepage change (emergency cases) and that remote config should be used for persistent kiosk configuration changes

    Porteus Kiosk Server version 20240519

  • Default system components:

  • - synced with master: #240519

    Porteus Kiosk Server version 20240421

  • Default system components:

  • - synced with master: #240421

  • 005-server:

  • - server fix do not send a notification email if recipient address is set to default 'someone@domain.com'

  • 006-virt:

  • - upgraded to glibmm-2.66.7, gtkmm-3.24.9

    Porteus Kiosk Server version 20240328

  • Default system components:

  • - synced with master: #240328

    Porteus Kiosk Server version 20240317

  • Default system components:

  • - synced with master: #240317

    Porteus Kiosk Server version 20240310


    This release hardens the security on the SSH jail container where clients upload their data. You are required to upgrade, please do it immediately. Please reboot your servers in order to receive the latest patches.


  • Default system components:

  • - synced with master: #240310

  • 005-server:

  • - server security fix persistent partition on the server is mounted with the 'noexec' flag by default, this way the files/binaries which are uploaded by the clients can not be executed in the jail. If you need to keep executables on the persistent partition then please contact with support@porteus-kiosk.org and we will guide you how to workaround this limitation (in short: executables must be copied from persistent partition to tmpfs during every server boot before they can be used).

    - server security fix 'proc' filesystem is no longer mounted in jail. The lack of it breaks a proper 'client ID' calculation when registering new kiosk clients in version 4.3.0 - 5.1.0. If for some reason you still need to install such an old client version then please use the static 'client_id=' parameter for each kiosk instead of 'client_id=automatic'.

    - server security fix removed 'ls' and 'netstat' utilities which are no longer needed for registration of new clients in version 5.2.0 and newer

    - server security fix files uploaded by the clients must meet specific criteria before they are accepted on the server. The check is performed in regards to: file type, file size, file name, file content.

    - server security fix for doubled security the client host files (information about system/browser/kernel version, IP/MAC address, etc) are stored outside of the jail container

    - server security fix clients are not allowed to upload VNC passwords on the server, server will retrieve passwords directly from the client when initializing the VNC connection to it

    - server security fix restricted port forwarding capabilities for the SSH service so PK Server can no longer be used as a SSH proxy


    The work is not completed yet. In order to fully secure the connection between the clients and the server we need to generate a SSL certificate and a connection password individually for each customer. We plan to implement this in the coming weeks.

    Porteus Kiosk Server version 20240303

  • Default system components:

  • - synced with master: #240303

    Porteus Kiosk Server version 20240211

  • Default system components:

  • - synced with master: #240211

  • 005-server:

  • - upgraded to libcap-ng-0.8.4

  • 006-virt:

  • - upgraded to libtirpc-1.3.4-r1

    Porteus Kiosk Server version 20240121

  • Default system components:

  • - synced with master: #240121

    Porteus Kiosk Server version 20240107

  • Default system components:

  • - synced with master: #240107

  • 005-server:

  • - upgraded to fuse-3.16.2

  • 006-virt:

  • - security fix libtirpc-1.3.4: Multiple vulnerabilities #915404

    Porteus Kiosk Server version 20231217

  • Default system components:

  • - synced with master: #231217

    Porteus Kiosk Server version 20231125

  • Default system components:

  • - synced with master: #231125

    Porteus Kiosk Server version 20231104

  • Default system components:

  • - synced with master: #231104

    Porteus Kiosk Server version 20231015

  • Default system components:

  • - synced with master: #231015

  • 006-virt:

  • - security fix open-vm-tools-12.2.5: Possible denial of service vulnerability (CVE-2023-20867) #908555

    Porteus Kiosk Server version 20230930

  • Default system components:

  • - synced with master: #230930

  • 005-server:

  • - upgraded to sshfs-3.7.3-r1, fuse-3.16.1

  • 006-virt:

  • - upgraded to gtkmm-3.24.8

    Porteus Kiosk Server version 20230909

  • Default system components:

  • - synced with master: #230909

  • 005-server:

  • - upgraded to cifs-utils-7.0, tar-1.35, fuse-3.15.1

    Porteus Kiosk Server version 20230820

  • Default system components:

  • - synced with master: #230820

    Porteus Kiosk Server version 20230805

  • Default system components:

  • - synced with master: #230805

    Porteus Kiosk Server version 20230715

  • Default system components:

  • - synced with master: #230715

    Porteus Kiosk Server version 20230625

  • Default system components:

  • - synced with master: #230625

    Porteus Kiosk Server version 20230604

  • Default system components:

  • - synced with master: #230604

    Porteus Kiosk Server version 20230514

  • Default system components:

  • - synced with master: #230514

  • 005-server:

  • - upgraded to tar-1.34-r3

    - server fix shorten the long Firefox version numbers (e.g. 102.11.1) so they are displayed properly in the Administration Panel

  • 006-virt:

  • - upgraded to glibmm-2.66.6 

    Porteus Kiosk Server version 20230423

  • Default system components:

  • - synced with master: #230423

  • 005-server:

  • - upgraded to tigervnc-1.13.1, fuse-3.14.1

    Porteus Kiosk Server version 20230408

  • Default system components:

  • - synced with master: #230408

  • 006-virt.xzm:

  • - server fix delete VMware logs during every server boot to prevent filling persistent partition