Engine Yard Release Notes - October 2015

The updates described are either important (where you need to take action) or of interest (you might want to know about these changes but you don't need to do anything)

Engine Yard Release Notes for October 29th, 2015

Minor: Engine Yard Gentoo 12.11 stack upgrade

Action: You apply the following changes the next time you click the Upgrade button for your Engine Yard Gentoo 12.11 environment.

Note: For clarity, since we now have 2 Gentoo stacks, we refer to this stack as the Engine Yard Gentoo 12.11 stack. You can access it by using the Stack select field in the Environment UI:

stack_stable-v4.png

It's best practice to upgrade your Engine Yard Gentoo 12.11 (stable-v4) stack regularly for the latest security and product updates.

  • Adds MEMCACHED_SERVERS to environment variables in PHP apps.
    • Note: you will need to redeploy your PHP app after adding or removing instances in your environment to update Memcached Servers list.
  • Prevents exposing config directory when webroot of PHP app is '/'
  • Upgrades sysklogd to address some known vulnerabilities in CVE-2014-3634 & CVE-2014-3683
  • Upgrades Ruby 2.2.x to 2.2.3 on instances using OpenSSL 1.0.1 (default).
    • Note: currently running Ruby processes will continue to run on the existing version of ruby.  To update these processes, redeploy your app, and restart any background ruby processes.  If using passenger, run `/etc/init.d/nginx restart` after the redeploy on each app instance to restart passenger and its workers on the new version.
  • New instances booted using this stack will use a new AMI (disk image) using a 3.4.109 kernel.

For more information on Engine Yard Gentoo 12.11, see the Engine Yard Gentoo 12.11 docs.

Engine Yard Release Notes for October 22nd, 2015

Minor: Engine Yard Gentoo 2009 stack upgrade

Action: You apply the following changes the next time you click the Upgrade button for your Engine Yard Gentoo 2009 environment.

Note: For clarity, since we now have 2 Gentoo stacks, we refer to this stack as the Engine Yard Gentoo 2009 stack. You can access it by using the Stack select field in the Environment UI:

stack_stable-v2.png

It's best practice to upgrade your Engine Yard Gentoo 2009 (stable-v2) stack regularly for the latest security and product updates. This week's updates:

  • Updates alert status info to status files for MySQL and PostgreSQL
  • Updates checkpoint alerts on DB slaves on PostgresSQL
  • Adds check to PostgreSQL DB slave instances (was previously only on DB masters).
  • Enables the logging of slow admin and slave statements for MySQL (as versions allow).
  • Enables the logging of auto vacuum duration on PostgresSQL.

For more information on Engine Yard Gentoo 2009, see the Engine Yard Gentoo 2009 docs.


Minor: Engine Yard Gentoo 12.11 stack upgrade

Action: You apply the following changes the next time you click the Upgrade button for your Engine Yard Gentoo 12.11 environment.

Note: For clarity, since we now have 2 Gentoo stacks, we refer to this stack as the Engine Yard Gentoo 12.11 stack. You can access it by using the Stack select field in the Environment UI:

stack_stable-v4.png

It's best practice to upgrade your Engine Yard Gentoo 12.11 (stable-v4) stack regularly for the latest security and product updates.

  • Updates alert status info to status files for MySQL and PostgreSQL
  • Updates checkpoint alerts on DB slaves on PostgresSQL
  • Adds check to PostgreSQL DB slave instances (was previously only on DB masters).
  • Enables the logging of slow admin and slave statements for MySQL (as versions allow).
  • Enables the logging of auto vacuum duration on PostgresSQL.

The updates described are either important (where you need to take action) or of interest (you might want to know about these changes but you don't need to do anything)

Engine Yard Release Notes for October 9th, 2015

Minor: Engine Yard Gentoo 12.11 stack upgrade

Action: You apply the following changes the next time you click the Upgrade button for your Engine Yard Gentoo 12.11 environment.

Note: For clarity, since we now have 2 Gentoo stacks, we refer to this stack as the Engine Yard Gentoo 12.11 stack. You can access it by using the Stack select field in the Environment UI:

stack_stable-v4.png

It's best practice to upgrade your Engine Yard Gentoo 12.11 (stable-v4) stack regularly for the latest security and product updates.

  • Update Nginx to use the system's shared OpenSSL 1.0.1 library to enable it to stay up to date in the future.
  • Update Nginx SSL configurations to enable TLS 1.1 and 1.2 by default, as well as provide non-common DH parameters.
  • Update Nginx SSL configurations to use the "Intermediate compatibility" cipher suite.
  • Update Ruby 2.x versions to support OpenSSL 1.0.1.

NOTE:  If you need to stay on OpenSSL 1.0.0, or need to use a different set of ciphers to support clients that are not capable of interfacing with the updated cipher list, please open a ticket with support before upgrading to this weeks release.

For more information on Engine Yard Gentoo 12.11, see the Engine Yard Gentoo 12.11 docs.


If you have feedback or questions about this page, add a comment below. If you need help, submit a ticket with Engine Yard Support.

Comments

Article is closed for comments.