OTOBO Docker Update – Safely Upgrading Your Version

Regularly upgrading your OTOBO installation ensures you can immediately benefit from new features, security patches, and bug fixes. This guide explains how to update a Docker-based OTOBO instance to the desired release in just a few steps.

Prerequisites

• An existing OTOBO installation with Docker & Docker Compose
• SSH access to the host
• A backup of your important data (Docker volumes for /opt/otobo, database, Elasticsearch index)
• The desired target version, e.g., 11.0.10 or 10.1.8

Step 1: Update the Docker Compose Configuration

1. Change to your OTOBO Docker project directory:

   cd /opt/otobo-docker

2. Fetch new Git tags and switch to the desired release:

   git fetch --tags
   git checkout rel-11_0_10    # Example for version 11.0.10

3. If necessary, adjust your .env file, e.g.:

   OTOBO_IMAGE=rotheross/otobo:11.0.10
   OTOBO_IMAGE_ELASTICSEARCH=elasticsearch:8.8.2
   OTOBO_IMAGE_NGINX=nginx:1.23-alpine

Step 2: Pull New Docker Images

docker-compose pull

Step 3: Stop and Update Containers

1. Stop the old containers (volumes will be preserved):

   docker-compose down

2. Migrate the code volume to the new version:

   docker-compose run --rm web copy_otobo_next

3. Start the containers with the new software:

   docker-compose up -d

Step 4: Perform the OTOBO Internal Update

1. Execute update tasks:

   docker-compose exec web entrypoint.sh do_update_tasks

2. Optional: Database migration script for major releases (e.g., 10.1→11.0):

   docker exec -it otobo_web_1 perl scripts/DBUpdate-to-11.0.pl

3. Check the update log:

   docker-compose exec web cat /opt/otobo/var/log/update.log

Step 5: Finalization & Verification

• Check status: docker-compose ps shows if all containers are running
• Test login: Ensure that agents and customers can log in
• Quick test: Create a ticket, send emails, and check core functionalities

Available OTOBO Versions

Major and minor releases (selection):

• 11.0.10: Offers internal improvements and updated Docker tags for stable deployments.
• 11.0.9: Closes a critical security vulnerability (CVE-2025-43926) and optimizes the ticket search module.
• 11.0.8: Strengthened password hashing algorithms and improved two-factor authentication.
• 11.0.7: Various bug fixes, including corrections for checkbox display and article links.
• 11.0.6: Important security updates against JavaScript injection and migration to CKEditor 5.
• 11.0.5: Layout optimizations for CKEditor 5 and improved translation of services.
• 11.0.4: Enhanced translation system and optimized Docker quickstart scripts.
• 11.0.3: Fixes database errors during ticket merge and issues with dynamic fields.
• 11.0.2: Automatic loading of ITSM repos and better upgrade detection for core packages.
• 11.0.1: New dynamic field features and a high-contrast skin for better accessibility.
• 11.0.0‑beta3: Migration to HTML::Scrubber for safer Safety() behavior.
• 11.0.0‑beta2: Refined dynamic reference fields and integration of new core packages.
• 10.1.8: Security fix for XSS in AdminCustomerUser and robust HTTP header validation.
• 10.1.7: Improved calendar display and more stable Elasticsearch handling.
• 10.1.6: Closes an SQL injection in TicketSearch and optimizes appointment notifications.
• 10.1.5: Prevents code injection in ACLs and updates important JavaScript libraries.
• 10.1.4: Corrects vulnerabilities in LDAP synchronization and improves bulk updates.
• 10.1.3: Prevents server-side calls in the admin interface and closes XSS vulnerabilities.
• 10.1.2: Bug fixes in the DynamicFieldDatabase module for persistent searching.
• 10.1.1: Enhanced customer dashboard and improved Elasticsearch self-healing.

Note: For major version jumps (e.g., 10.1 → 11.0), always perform the minor upgrade first, then the major upgrade.