Skip to content
July 7, 2026
  • Linkedin
  • Twitter
  • Facebook
  • Youtube

Daily CyberSecurity

Zero-hour alerts. Unmatched analysis.

Primary Menu
  • Home
  • CVE Watchtower
  • Cyber Criminals
  • Data Leak
  • Linux
  • Malware
  • Vulnerability
  • Submit Press Release
  • Vulnerability Report
Light/Dark Button
  • Home
  • Linux
  • UBOS Linux Beta 14 release, Linux distro for personal servers and Indie IoT devices
  • Linux

UBOS Linux Beta 14 release, Linux distro for personal servers and Indie IoT devices

Do Son May 1, 2018 5 minutes read
UBOS Linux
Add Daily CyberSecurity as a preferred
source on Google

UBOS Linux is an Arch Linux based server distribution. UBOS, a new Linux distro, in order to make it simple to set up and maintain a Linux server that runs common web applications and keeps data under control of the owner of the server. It’s our vision that everybody should have a server in their home one day that stays independent of the big commercial and governmental overlords.

UBOS Linux Feature

  • With UBOS Linux, web applications can be installed, and fully configured with a single command. This takes out the drudgery of software installation and configuration on servers and allows much more people to run their own websites.Wanting to run a, say, Python app should not require users having to know anything about Python; same about other languages, frameworks, databases and the like. You don’t care about which language was used to create apps on your smartphone either.

    On UBOS Linux, unlike other Linux distros, a typical user never has to edit a Linux-level configuration file (say in /etc/), provision a database, start or stop services, and the like.

  • UBOS fully automates app management at virtual hosts. You can run, say, five different instances of WordPress with different plugins and themes at five different hostnames on the same computer, or even at the same hostname (e.g. example.com/blog1, example.com/blog2 etc.). You can deploy all of them individually or at the same time with a single command.UBOS can now also automatically obtain SSL/TLS certificates from Letsencrypt.org.
  • UBOS pre-installs and pre-configures networking and other infrastructure, so it is ready to be used as soon as it has booted. For example, not only does UBOS boot as a DHCP client, but also runs a web server with a default web application behind a preconfigured firewall. This allows the user to use UBOS immediately, with little to no systems configuration.On other distros, this is an open-ended manual process requiring substantial systems administration knowledge and even more patience.
  • Systems that have two Ethernet interfaces can be turned into a home router/gateway with a single command. In this “gateway” configuration, UBOS automatically sets up network masquerading, a firewall, a local DNS and DHCP server.Apps installed on the system can either be only accessible on the local-area network or also on the public internet.
  • UBOS can backup or restore all, or any subset of installed applications on a device, including their entire configuration (like TLS) in a single command. Optionally, backups may be encrypted and/or automatically uploaded to Amazon S3.
  • UBOS “full-stack testing” ensures that core UBOS operating system, networking, middleware, and apps, are all tested with each other before a new UBOS release is pushed out. This reduces the likelihood that, for example, an upgrade to the database or web server will break a web application.Some Linux distros perform similar testing with desktop applications, but we are not aware of any other distros that do it for server-side, web applications.
  • Unlike most other distros, UBOS does not try to provide every conceivable package. Instead, we try to provide a few packages as possible by eliminating alternate packages that provide overlapping functionality. For example, we picked Apache over nginx (due to broader software support). To support the goals of UBOS, this has great advantages: it makes testing much simpler because UBOS has far less code, and far fewer configurations need to be tested. This, in turn, makes application developers’ lives easier and installations less brittle.Users who wish to use other packages not provided through UBOS can still obtain those from the Arch Linux repositories. UBOS is a (compatible) derivative of Arch Linux.
  • UBOS uses a rolling-release development model (see Wikipedia page). UBOS never requires major upgrades; instead, updates are made available incrementally. This ensures that devices can continue to be updated and keep running for the long-term.
  • UBOS itself is all free/libre and open software, so there’s no proprietary lock-in and you can keep us honest by reviewing our code.There is one exception: some hardware platforms, notably some versions of the ARM, require “blobs” to function. (The Free Software Foundation provides a great description.) UBOS bundles those blobs in order to be able to support those platforms. Of course, if you don’t like proprietary blobs, only use UBOS on platforms where they aren’t required. In, of course, you can install and run whatever software you like, in addition to what is available through the official UBOS repositories.

UBOS Linux Beta 14 release. This version has been focused on:

  • It’s now easy to use a separate “big data disk” (like an external USB disk on a Raspberry Pi, or an extra big volume on Amazon EC2). This makes it much simpler for UBOS users that have a lot of data on their device.
  • Perform backup and system upgrade in a single step for even less work and worry when upgrading everything from OS to apps.
  • Create sites from templates files, and only fill in the information that wasn’t provided already in the template.
  • There’s a new command for concisely displaying the networking configuration.
  • Developers can now write installation scriptlets in any language; there is no more need to write Perl wrappers.
  • … plus the usual hundreds of package upgrades, feature improvements and bug fixes.
  • More…

 

Download

Get Zero-Hour Vulnerability Alerts

Critical CVEs, CVSS scores, and PoC updates — straight to your inbox every week.


We respect your inbox. Unsubscribe anytime.

Support Our Threat Intelligence

If you find our CVE report and cybersecurity news helpful, consider supporting our work.

Buy Me a Coffee Logo Buy Me a Coffee PayPal
Crypto QR Code
USDT (TRC20):
TN8BdV8cp4T1Cd28gK9qTAnZknzzuwyUtm
USDT (ERC20):
0x3725e1a7d3bc5765499fa6aaafe307fabcd75bce

Share this article:

Facebook Post LinkedIn Telegram
Written by
@DdoS · Security Researcher

Do Son

Do Son is the Founder and Editor of SecurityOnline.info. Working in cybersecurity since 2013, he reports on vulnerabilities, malware, and emerging threats, providing timely analysis to help organizations and individuals stay ahead of evolving risks.

Tags: UBOS Linux

Search

Translation

CVE WATCHTOWER
🚨

Receive alerts for vulnerabilities being exploited in the wild.

⚡

Get notified instantly when a Proof of Concept (PoC) exploit is published.

🔍

Access critical info on vulnerabilities even when marked as "RESERVED".

🧠

Insights powered by decades of expertise and global intelligence sources.

🎯

Customize alerts with up to 10 keywords for your specific tech stack.

📊

Export the raw CVE database for SIEM integration and reporting.

Upgrade Package

🚨 Active Exploits in the Wild

  • CVE-2026-20896CVSS 9.8
    Gitea Docker image: `REVERSE_PROXY_TRUSTED_PROXIES = *` default lets any source IP impersonate any user via `X-WEBAUTH-USER`
    Admin intel📅 Updated: Jul 6, 2026
  • CVE-2026-48282CVSS 10.0
    ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Limitation of a Pathname to a Restricted...
    Admin intel📅 Updated: Jul 3, 2026
  • CVE-2024-14037CVSS 9.8
    Redsea Cloud eHR contains an arbitrary file upload vulnerability that allows unauthenticated attackers to achieve remote code execution...
    Admin intel📅 Updated: Jul 3, 2026
  • CVE-2026-8451CVSS 8.8
    Insufficient input validation in NetScaler ADC and NetScaler Gateway leading to memory overread if NetScaler ADC or NetScaler Gateway is configured...
    Admin intel📅 Updated: Jul 2, 2026
  • CVE-2026-8037CVSS 9.6
    OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an un-authenticated attacker to...
    Admin intel📅 Updated: Jul 1, 2026
  • CVE-2026-45659CVSS 8.8
    Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
    CISA KEV📅 Added to KEV: Jul 1, 2026
  • CVE-2026-48558CVSS 10.0
    SimpleHelp versions 5.5.15 and prior and 6.0 pre-release versions contain an authentication bypass vulnerability in the OIDC authentication...
    Admin intelCISA KEV📅 Added to KEV: Jun 29, 2026📅 Updated: Jun 29, 2026
  • CVE-2026-46817CVSS 9.8
    Vulnerability in the Oracle Payments product of Oracle E-Business Suite (component: File Transmission). Supported versions that are affected...
    Admin intel📅 Updated: Jun 29, 2026
Powered by CVE Watchtower

🔴 Live Critical Threats

  • CVE-2026-55500CVSS 9.9
    ## Summary The `/api/settings/database` endpoint allows full database export (containing all credentials,...
  • CVE-2026-54496CVSS 9.3
    ### Summary A soundness vulnerability in the variable-base scalar multiplication gadget of...
  • CVE-2026-55615
    Neo4jChatAgent passes LLM-generated Cypher queries straight to the Neo4j driver with no...
  • CVE-2026-57572CVSS 10.0
    Crawl4AI is an open-source LLM-friendly web crawler and scraper. Prior to 0.9.0,...
  • CVE-2026-57571CVSS 9.6
    Crawl4AI is an open-source LLM-friendly web crawler and scraper. Prior to 0.9.0,...
  • CVE-2026-34038CVSS 9.9
    Coolify is an open-source and self-hostable tool for managing servers, applications, and...
  • CVE-2026-54769CVSS 10.0
    ### Advisory Details **Title**: Sandbox Escape to Remote Code Execution via Incomplete...
  • CVE-2026-54760
    # SQLChatAgent `_validate_query` dangerous-pattern regex is bypassable via quoted/commented/qualified function names ##...
  • CVE-2026-53486CVSS 9.1
    ### Impact When extracting an archive to a directory, a crafted archive...
  • CVE-2026-9181CVSS 9.8
    ArcGIS Server contains a directory traversal vulnerability. An unauthenticated attacker could exploit...
Powered by CVE WATCHTOWER

Our Websites
  • Penetration Testing Tools
  • The Daily Information Technology
  • Daily CyberSecurity

    • About SecurityOnline.info
    • Advertise with us
    • Announcement
    • Contact
    • Contributor Register
    • Login
    • About SecurityOnline.info
    • Advertise on SecurityOnline.info
    • Contact Us

    When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works

    • Disclaimer
    • Privacy Policy
    • DMCA NOTICE
    • Linkedin
    • Twitter
    • Facebook
    • Youtube
    © 2017 - 2026 Daily CyberSecurity. All Rights Reserved.