EDSCLS Platform/Virtual Machine (VM) Updates

The EDSCLS platform/virtual machine (VM) is scanned and updated on a regular basis. The purpose of the scan is to detect possible new security risks. Updates are made to provide protections from identified security risks and make improvements. Click here for suggestions on keeping your EDSCLS VM secure from cyber-attacks.

How Often Is the EDSCLS VM Updated?

It depends. The EDSCLS VM is scanned every other month. Any critical security issues are addressed immediately; how quickly an issue is addressed depends on the required resolution. Otherwise, minor issues that do not affect the functionality of the EDSCLS are patched on a quarterly basis as needed. As improvements are identified, those fixes are made as security issues are patched. Information on each version will be posted on this webpage for your information.

How Can I Find Out About EDSCLS VM Updates?

Users should check this webpage at least once every other month for possible updates. Alternatively, if you would like to receive emails when updates are released, we can add you to a list of users. Simply complete the following form to quickly add your contact information. 

EDSCLS VM Update Contact List Form

Your Feedback Drives EDSCLS VM Updates!

Your thoughts and experiences with the EDSCLS VM matter to us. Our number one goal is to help you use the EDSCLS as efficiently and successfully as possible to meet the school climate improvement data collection needs of your districts and schools. For that reason, we use each VM update as an opportunity to incorporate suggestions and recommendations that users have shared. For example, Most VM updates include fixes to reported issues to the Help Desk.

If you would like to provide us feedback on the EDSCLS VM, information regarding any challenges you are experiencing with the EDSCLS VM, or any recommendations you have for future improvements, please complete the following feedback form. 

EDCSLS Feedback Form

Where Can I Find the Latest EDSCLS VM and Older Versions?

The table below lists each version of the EDSCLS VM that has been released, including when it was released and a brief description of what changed.  For details on each version, click the linked EDSCLS VM version in the table below and you will be directed to a webpage with more information. 

Date of Release EDSCLS Platform/VM Version Summary

June 3, 2020


  • Updated MySQL 5.7.30 (replacing 5.7.29), PHP 7.0.33 (minor patch), Python 2.7.12 (minor patch), Linux-firmware patch 1.157.23 (replacing 1.157.22), and Linux (replacing

  • Applied late vulnerability fixes for the following: apt-utils (1.2.32ubuntu0.1) over (1.2.32), file (1:5.25-2ubuntu1.4) over (1:5.25-2ubuntu1.3), libmagic1:i386 (1:5.25-2ubuntu1.4) over (1:5.25-2ubuntu1.3), libjson0:i386 (0.11-4ubuntu2.5) over (0.11-4ubuntu2), libjson-c2:i386 (0.11-4ubuntu2.5) over (0.11-4ubuntu2), libexif12:i386 (0.6.21-2ubuntu0.2) over (0.6.21-2ubuntu0.1), and pulseaudio (1:8.0-0ubuntu3.12) over (1:8.0-0ubuntu3.11).  

FY 2019-20 Updates

Date of Release EDSCLS Platform/VM Version Summary
March 30, 2020 EDSCLS VM 4.4.3​ 
  • Updated MySQL 5.7.29 (replacing 5.7.28), PHP 7.0.33 (minor patch), and Linux (replacing
February 4, 2020 EDSCLS VM 4.4.2​ 
  • Updated MySQL 5.7.28 (replacing 5.7.27), RabbitMQ 0.7.1-u2 (replacing 0.7.1-u1), and Linux (replacing
December 4, 2019 EDSCLS VM 4.4.1​ 
  • Updated Apache 2.4.18, PHP 7.0.33, Python 2.7.12 / 3.5.2, and Linux (replacing Applied vulnerability fix for intel-microcode (3.20191112).
October 1, 2019 EDSCLS VM 4.4.0
  • Updated  MySQL 5.7.27 (replacing 5.7.26), RabbitMQ4 0.7.1 (minor patch 0.1), and Linux (replacing
  • To avoid corrupting the database, added a validation check, which verifies that the data file a user is importing into the platform is in correct format. The validation check verifies that the column order, column headers, and the number of columns are correct; that every row contains a user ID and an NCES school ID that is a 12-digit number. An error message pops up when a problem is detected during the validation. 
  • Updated the NCES school ID look-up tables on the EDSCLS platform with the 2018-19 CCD data.

FY 2018-19 Updates

Date of Release EDSCLS Platform/VM Version Summary
August 20, 2019 EDSCLS VM 4.3.2
  • Updated  MySQL 5.7.27 (replacing 5.7.26), RabbitMQ4 0.7.1 (minor patch 0.1), and Linux (replacing
July 30, 2019 EDSCLS VM 4.3.1
  • Updated Linux (replacing 
  • Updated gvfs 1.28.2-1 (security fix 16.04.3), libglib 2.0 2.48.2 (security fix 4.3), libnss3 2:3.28.4 (security fix 16.04.6), and bash 4.3-14 (security fix 1.4).
June 21, 2019 EDSCLS VM 4.3
  • Updated PHP 7.0.33 (minor patch 16.04.5) and Linux (replacing 
  • Enhanced user interface to comply more fully with Section 508 accessibility guidelines (e.g., fixed color contrasts, added labels to blank table cells).
May 21, 2019 EDSCLS VM 4.2.2
  • Updated MySQL 5.7.26 (replacing 5.7.25), PHP 7.0.33 (minor patch), and Linux (replacing
May 3, 2019 EDSCLS VM 4.2.1
  • Updated Apache 2.4.18, OpenSSL 1.0.2g, PHP 7.0.33 (replacing 7.0.32), and Linux (replacing
  • Disabled TLS v1.0/1.1 on postfix and webmin, allowing only TLSv1.2.
March 14, 2019 EDSCLS VM 4.2.0
  • Updated MySQL 5.7.25 (replacing 5.7.23) and Linux Kernel (replacing
  • Added page breaks to the scale score PDF export report to make it easier to read.
  • Added a warning to the Import Survey Results Dashboard to remind users not to export and import the same staff or parent data collections more than once. 
  • Added a column with refusal information to the EDSCLS Survey Submission Rate Report and Case Disposition Status tables and changed the calculation of the survey submission rate to exclude refusals.
  • Modified the VM numbering scheme so that users could more easily identify the kind of enhancements made to the platform. The second digit of the VM number will go up when VM releases include source code changes (e.g., 4.2.0); when VM releases only include routine security patches, the third digit will go up (e.g., 4.1.1).

January 25, 2019


Updated vulnerable packages (python-lxml, python3-lxml, libssl, ghostscript, and libgs9) and Linux Kernel (replacing

December 4, 2018


Updated Python 2.7.12, Python 3.5.2, MySQL 5.7.24 (replacing 5.7.23),  OpenSSH 1:7.2u2.6 (replacing 1:7.2u2.5), and Linux Kernel (replacing

November 8, 2018


  • Updated PHP 7.0.32 (replacing 7.0.30), OpenSSH 1:7.2u2.5 (replacing 1:7.2u2.4), and Linux Kernel (replacing
  • Improved scale score reporting; users can now view or export all scare scores at one time.
  • Expanded character limit of the education agency name to 60 characters.
  • Expanded the list of frequently asked questions and moved them to the EDSCLS microsite.

September 26, 2018


Updated Linux Kernel (replacing


FY 2017-18 Updates

Date of Release EDSCLS Platform/VM Version Summary

August 28, 2018


Updated MySQL 5.7.23 (replacing 5.7.22) and Linux Kernel (replacing

July 26, 2018


Updated Perl 5.22, Apache 2.4.18, OpenSSL 1.0.2g, AMD-Microcode 3.2 (replacing 2.2) and Linux Kernel (replacing

June 27, 2018


Updated PHP 7.0.30 (replacing 7.0.30) and Linux Kernel (replacing Fixed the bug in VM 3.5 that prevented users from running scale score reports at the school level.

May 24, 2018


Updated MySQL 5.7.22 (replacing 5.7.21) and Linux Kernel (replacing

May 03, 2018


Applied upgrades for OpenSSL (1.0.2g), Perl 5.22 (5.22.1), PHP7.0 (7.0.28), and Apache2 (2.4.18). Updated to Linux Kernel 4.4.0-119 (replacing 4.4.0-116).

March 22, 2018


Applied minor distribution upgrades for Python, Erlang, PHP, and Postfix; updated to Linux Kernel 4.4.0-116 (replacing 4.4.0-112); updated NCES school IDs in the lookup tables with the 2015-16 CCD data.

March 05, 2018


Updated PHP 7.0.25 (replacing 7.0.22), MySQL 5.7.21 (replacing 5.7.20), Python 2.7.12, Postfix 3.1.0, Erlang 1:18.3, OpenSSH 1:7.2p2, DNS 1:9.10.3, and Linux Kernel

January 29, 2018


Updated SSL 1.0.2g (4.10 over 4.09), Python 2.7/3.5, VirtualBox, and Linux Kernel (replacing

FY 2016-17 Updates

Date of Release EDSCLS platform/VM version Summary

December 2017


Added psychometric-based benchmark data to help users interpret the meaning of their data.

Updated MySQL Client and Server 5.7, SSL 1.0.2g, Python 3, Postfix 3.1, SSL vulnerabilities, and Linux Kernel (replacing

September 2017

EDSCLS VM 2.7.4 Tweaked CSS to fix buttons in UI, applied security patches and package updates (of interest: Python 3.5, Apache 2, SMB client, DNS, XML2, and GDK), and updated the Linux kernel to 4.4.0-96.

September 2017

EDSCLS VM 2.7.3 Updated the Apache 2 web server, MySQL database client and server, PHP 7 scripting language, Phython 3 scripting language, RabbitMQ back-end queuing service, and Linux kernel.

July 2017

EDSCLS VM 2.7.2 Patched security vulnerabilities with Ubuntu and PHP; upgraded MySQL, Python, PHP, and RabbitMQ; updated the Linux kernel, SSL library and Apache2 web server.

March 2017

EDSCLS VM 2.7 Operating system updated to Ubuntu 16.4; PHP 7 and MySQL 5.7 upgrades; security patches; and updates, including addition of a new item in the instructional and noninstructional staff surveys.

FY 2014-16 Updates

Date of Release EDSCLS platform/VM version Summary
March 2016 EDSCLS VM 2.6 Original release
March 2015 Pilot EDSCLS Pilot version. NOTE that this version is for archive purposes only and should not be used. 

How Can I Keep My EDSCLS VM Secure?

It is critical to ensure your EDSCLS VM is secure to prevent external security breaches. To protect your EDSCLS VM from cyber-attacks, you can do one of three things:

  1. Power your current EDSCLS VM off after completing your entire data collection. See User Guide, Step 13 of Subsection C under Section 2.1.1 Installation and Configuration for instructions. The VM can be powered back on if needed. Before conducting the next data collection, you could then download the latest version of the EDSCLS VM and use that. 
  2. Download and reinstall the latest version of the EDSCLS VM, including exporting data from the old VM and importing data into the new VM. See Recommended Steps for updating to the latest EDSCLS VM above for instructions.  
  3. Manually apply security patches from the EDSCLS VM terminal command line. See the User Guide Section 2.1.3 Source Code and Database Access for details.

Get the Latest EDSCLS VM