Author: Rick van de Loo

Release 7083: Opt-in large MySQL thread_stack

In this release we’ve added another option to the hypernode-api. You can now configure your Hypernode to use a large MySQL thread_stack. While on Hypernode you have full admin privileges on your entire MySQL database, it is not possible to change root-owned MySQL related config files. This means that you can configure any runtime setting, […]

Release 6993: Updates for all available PHP versions

In this release we have updated all the PHP versions on Hypernode to their latest version. Check out the PHP 7 Changelog on php.net and the Debian packaging changelogs for what changed: PHP 5.6.40-13 -> PHP 5.6.40-21 PHP 5.6 changelog PHP 7.0.33-12 -> PHP 7.0.33-20 PHP 7.0 changelog PHP 7.1.33-1 -> PHP 7.1.33-9 PHP 7.1 […]

Release 6911: Magento 2 preinstall updated to 2.3.4

Now that Magento 2.3.4 has been released we have updated our Magento 2 preinstall to use this new version.

Release 6828: Pinning Magerun 2 to 3.2.0

In this release we are pinning the system wide installation of magerun 2, the Magento commandline tool, to version 3.2.0. The newest 4.0.0 and up versions, while providing great features, have a bunch of breaking changes like dropping support for PHP 7.1 and Magento 2.2 and lower. For convenience we’re keeping the default version installed […]

Release 6679: New WAF rules for CVE-2019-8144, potential abuse in the wild detected

In this release we have updated the Hypernode platform with new NGINX rules to block an attack on the Magento Page Builder. Last month with the Magento 2.3.3 and 2.2.10 Security Update a patch was released for a Remote Code Execution (RCE) vulnerability in the Page Builder: PRODSECBUG-2403: Remote code execution through crafted Page Builder […]

Release 6675: The app user can now restart php7.3-fpm

When we added PHP 7.3 to Hypernode three weeks ago we forgot to add the privilege for the app user to restart this version. This has now been fixed. The app user can now restart this version of PHP as well. To restart php7.3-fpm on a Hypernode you can run:

Note that restarting PHP […]

Release 6627: The app user can read /etc/redis/redis.conf

It came to our attention that while the /etc/redis/redis-persistent.conf configuration file for the persistent Redis instance was readable by the app user, the default /etc/redis/redis.conf was not. We’ve now changed our configuration management to also make the redis.conf readable. before:

after:

For more information about our Redis configuration see this article.

Release 6626: PHP updates, 7.0.33-12, 7.1.33-1, 7.2.24-1, 7.3.11-1 and 5.6.40-13

As announced on Friday, today we have updated the PHP version in our repositories to the following versions:

For details, see the PHP changelog or the Debian PHP Team packaging changelog.

Release 6625: Preparing PHP upgrade for CVE-2019-11043

Yesterday a new vulnerability in PHP was disclosed where a specific setting of PHP-FPM, combined with a certain NGINX configuration, could result in the possibility of remote code execution. The Hypernode platform is not vulnerable, because our NGINX configuration does not satisfy the preconditions for this bug to be exploitable. However, to prevent similar attack […]

Release 6591: php-xdebug for PHP 7.3 for hypernode-docker

In this release we update the version of php-xdebug in our repositories from 2.6.0+2.5.5-byte2 to 2.7.2+2.5.5-byte3. We updated to this new version in order to add support for the new PHP 7.3 (which since yesterday has also been available in the latest version of the docker). While it is not possible to use php-xdebug on […]