Engine Yard Release Notes- February 2018

Engine Yard Stack Release Notes for February 16th, 2017

Minor: Engine Yard Gentoo 12.11 stack upgrade

Action: You apply the following changes the next time you click the Upgrade button for your Engine Yard Gentoo 12.11 environment.

Note: For clarity, since we now have 2 Gentoo stacks, we refer to this stack as the Engine Yard Gentoo 12.11 stack. You can access it by using the Stack select field in the Environment UI:stable-v4-2.0.127

stack_stable-v4_2.0.png

It's best practice to upgrade your Engine Yard Gentoo 12.11 (stable-v4) stack regularly for the latest security and product updates.

  • Updated Nginx package (www-servers/nginx) to version 1.2.9-r9 for 1.2.x series and 1.6.3-r2 for 1.6.x.
  • Eliminated usage of weak keys in DH algorithm.
  • Updated HAProxy package (net-proxy/haproxy) to version <insert_version>.
  • Updated Percona-Server package (dev-db/percona-server) to 5.6.37 for 5.6.x series.
  • Updated package sys-apps/newrelic-sysmond to version <insert_version>.
  • Updated Curl package (net-misc/curl) to version 7.26.0-r3 fixing security issues.
  • Updated app-admin/sudo package to version 1.8.5_p2-r2 fixing security issues.
  • Updated package dev-libs/libxml2 to version 2.8.0-r4 fixing security issues.
  • Updated package dev-libs/libgcrypt to version 1.5.0-r4 fixing security issues.
  • Fixed ‘lsof’ usage against some very rare issue scenarios.
  • New instances booted using this stack will use EYGL AMI revision 2012.11.043.final. Changes since EYGL AMI 2012.11.042.final:
      • =app-admin/sudo-1.8.5_p2-r1 has been upgraded to =app-admin/sudo-1.8.5_p2-r2 addressing multiple security issues.
      • =net-misc/curl-7.26.0-r2 has been upgraded to =net-misc/curl-7.26.0-r3 addressing multiple security issues.
      • =dev-libs/libxml2-2.8.0-r3 has been upgraded to =dev-libs/libxml2-2.8.0-r4 addressing multiple security issues.
      • =dev-libs/libgcrypt-1.5.0-r3 has been upgraded to =dev-libs/libgcrypt-1.5.0-r4 addressing multiple security issues.
      • =media-libs/tiff-4.0.2-r1 has been upgraded to =media-libs/tiff-4.0.8 addressing multiple security issues.
      • =www-servers/nginx-1.2.9-r6 has been upgraded to =www-servers/nginx-1.2.9-r9 addressing multiple bugs and security issues.
      • =dev-db/postgresql-{base,server}-9.2.13 has been updated to =dev-db/postgresql-{base,server}-9.2.21 addressing multiple bugs and security issues/CVEs.
      • =dev-db/percona-server-5.5.51 has been upgraded to =dev-db/percona-server-5.5.54 addressing multiple bugs and security issues.
      • =app-admin/eselect-postgresql-1.2.0 has been upgraded to =app-admin/eselect-postgresql-1.2.1 with support for PostgreSQL 9.5 series ootb.

         

For more information on Engine Yard Gentoo 12.11, see the Engine Yard Gentoo 12.11 docs.