OTOBO Docker Update – Upgrading Versions Safely

Regularly upgrading your OTOBO installation ensures you can immediately benefit from new features, security patches, and bug fixes. This guide explains how to bring a Docker-based OTOBO instance to your desired release in a few simple steps.

Prerequisites

• An existing OTOBO installation with Docker & Docker Compose
• SSH access to the host
• Backup of your important data (Docker volumes for /opt/otobo, database, Elasticsearch index)
• Desired target version, e.g., 11.0.10 or 10.1.8

Step 1: Update Docker Compose Configuration

1. Navigate to your OTOBO Docker project directory:

   cd /opt/otobo-docker

2. Fetch new Git tags and switch to the desired release:

   git fetch --tags
   git checkout rel-11_0_10    # Example for version 11.0.10

3. If necessary, adjust your .env file, for example:

   OTOBO_IMAGE=rotheross/otobo:11.0.10
   OTOBO_IMAGE_ELASTICSEARCH=elasticsearch:8.8.2
   OTOBO_IMAGE_NGINX=nginx:1.23-alpine

Step 2: Fetch New Docker Images

docker-compose pull

Step 3: Stop and Update Containers

1. Stop old containers (volumes remain):

   docker-compose down

2. Migrate the code volume to the new version:

   docker-compose run --rm web copy_otobo_next

3. Start containers with new software:

   docker-compose up -d

Step 4: Perform OTOBO Internal Update

1. Execute update tasks:

   docker-compose exec web entrypoint.sh do_update_tasks

2. Optional: Database migration script for major releases (e.g., 10.1→11.0):

   docker exec -it otobo_web_1 perl scripts/DBUpdate-to-11.0.pl

3. Check the update log:

   docker-compose exec web cat /opt/otobo/var/log/update.log

Step 5: Completion & Verification

• Check Status: docker-compose ps shows if all containers are running.
• Test Login: Ensure agents and customers can log in.
• Quick Test: Create a ticket, send emails, and check core functionalities.

Available OTOBO Versions

Major and minor releases (selection):

• 11.0.10: Provides internal improvements and updated Docker tags for stable deployments.
• 11.0.9: Closes a critical security vulnerability (CVE-2025-43926) and optimizes the ticket search module.
• 11.0.8: Strengthened password hashing algorithms and improved two-factor authentication.
• 11.0.7: Various bug fixes, including corrections for checkbox display and article links.
• 11.0.6: Important security updates against JavaScript injection and switch to CKEditor 5.
• 11.0.5: Layout optimizations for CKEditor 5 and improved translation of services.
• 11.0.4: Extended translation system and optimized Docker quickstart scripts.
• 11.0.3: Fixes database errors during ticket merging and issues with dynamic fields.
• 11.0.2: Automatic loading of ITSM repos and better upgrade detection for core packages.
• 11.0.1: New dynamic field functionalities and a high-contrast skin for better accessibility.
• 11.0.0-beta3: Transition to HTML::Scrubber for safer Safety() behavior.
• 11.0.0-beta2: Refined dynamic reference fields and integration of new core packages.
• 10.1.8: Security fix for XSS in AdminCustomerUser and robust HTTP header validation.
• 10.1.7: Improved calendar display and more stable Elasticsearch handling.
• 10.1.6: Closes an SQL injection in TicketSearch and optimizes appointment notifications.
• 10.1.5: Prevents code injection in ACLs and updates important JavaScript libraries.
• 10.1.4: Corrects gaps in LDAP synchronization and improves mass updates.
• 10.1.3: Prevents server-side calls in the admin interface and closes XSS vulnerabilities.
• 10.1.2: Bug fixes in the DynamicFieldDatabase module for consistent searching.
• 10.1.1: Extended customer dashboard and improved Elasticsearch self-healing.

Note: For major version jumps (e.g., 10.1 → 11.0), always perform the minor upgrade (10.1) first, then the major upgrade (11.0).