Author: Rick van de Loo

Release 6679: New WAF rules for CVE-2019-8144, potential abuse in the wild detected

In this release we have updated the Hypernode platform with new NGINX rules to block an attack on the Magento Page Builder. Last month with the Magento 2.3.3 and 2.2.10 Security Update a patch was released for a Remote Code Execution (RCE) vulnerability in the Page Builder: PRODSECBUG-2403: Remote code execution through crafted Page Builder […]

Release 6675: The app user can now restart php7.3-fpm

When we added PHP 7.3 to Hypernode three weeks ago we forgot to add the privilege for the app user to restart this version. This has now been fixed. The app user can now restart this version of PHP as well. To restart php7.3-fpm on a Hypernode you can run:

Note that restarting PHP […]

Release 6627: The app user can read /etc/redis/redis.conf

It came to our attention that while the /etc/redis/redis-persistent.conf configuration file for the persistent Redis instance was readable by the app user, the default /etc/redis/redis.conf was not. We’ve now changed our configuration management to also make the redis.conf readable. before:

after:

For more information about our Redis configuration see this article.

Release 6626: PHP updates, 7.0.33-12, 7.1.33-1, 7.2.24-1, 7.3.11-1 and 5.6.40-13

As announced on Friday, today we have updated the PHP version in our repositories to the following versions:

For details, see the PHP changelog or the Debian PHP Team packaging changelog.

Release 6625: Preparing PHP upgrade for CVE-2019-11043

Yesterday a new vulnerability in PHP was disclosed where a specific setting of PHP-FPM, combined with a certain NGINX configuration, could result in the possibility of remote code execution. The Hypernode platform is not vulnerable, because our NGINX configuration does not satisfy the preconditions for this bug to be exploitable. However, to prevent similar attack […]

Release 6591: php-xdebug for PHP 7.3 for hypernode-docker

In this release we update the version of php-xdebug in our repositories from 2.6.0+2.5.5-byte2 to 2.7.2+2.5.5-byte3. We updated to this new version in order to add support for the new PHP 7.3 (which since yesterday has also been available in the latest version of the docker). While it is not possible to use php-xdebug on […]

Release 6586: PHP 7.3 available on Hypernode

Today we’re making PHP 7.3 available on Hypernode. In yesterday’s changelog some of the changes we did to incorporate this new version into our platform were described, and today we will be adding the option for customers to change to this new version in their production environment. You can switch to this new version of […]

Release 6582: Sudo security update CVE-2019-14287

In this release we have updated the sudo package to address CVE-2019-14287. Yesterday a security vulnerability was announced where commands could be made to run as root using sudo if called with a specially crafted user ID. While we were not vulnerable to this attack, we have deployed this update to all Hypernodes, as additional […]

Release 6581: Preparing Hypernode for PHP 7.3, Magento 2.3.3 preinstall and sample data

Now that Magento 2.3.3 has been released we have been preparing our platform for supporting PHP 7.3. Magento now officially supports PHP 7.3 since this new version. PHP 7.3 is supposed to be slightly faster than PHP 7.2 for specific work-loads, check out these benchmarks by Phoronix. In order to support this new version of […]

Release 6570: php-apcu can be enabled via the hypernode-api

In this release we have added the new functionality of being able to enable the php-apcu PHP module using the hypernode-api. This module is required for running Akeneo and it can also be used by Shopware. We will not enable this module by default as it might get in the way of your Magento performance. […]