Mender blog

This article offers a short investigation into the prospect of putting and managing a Raspberry Pi in production with a commercial product. This involves finding out whether it is feasible or not to ship your product with a certain Pi model embedded inside. If you decide to do so, what considerations and configurations should be factored in by the time you ship the devices into th...

These days, managing a robust and coherent update deployment pipeline across multiple hardware variants is a big challenge for many device manufacturers and device fleet managers. These variants can appear from the outside to be using the same hardware parts, but on the inside the parts can differ. There are 2 key reasons for this: first one, there is a well documented global shortage of chips,...

This tutorial will explain specifically the concept of state scripts in the OTA solution Mender.io and give an example of how to integrate them into Yocto embedded Linux.

To begin with, let’s explain what Mender state scripts are and what typical use cases they can serve? The Mender Client has the ability to run scripts at defined points in the update deployment procedure. Those state scr...

We recently discovered two vulnerabilities in Mender, thanks to the security researchers April Chaire, Jeff Hofmann, Joey Perme, Nathaniel Singer and Matteo Tarbet, and we have now fixed them.

The deviceconnect microservice in Mender before version 3.2.2 allows Cross-Origin WebSocket Hijacking. The vulnerability is present in the following versions of the product: 2.6.x, 2.7.x, 3.0.x, 3.1.x, 3.2...

Mender users may often deal with device inventory information such as CPU model, IP address, and software versions pertaining to each device. Mender users may also be using Azure IoT Hub for device fleet application telemetry which can contain a set of additional device information. These two services, Mender and Azure IoT Hub, initially may exist in silos which could mean managing and dealing wit...