Earlier today, we ran an article detailing that Oracle released 270 critical security updates for many of its products, including MySQL cluster which we use here to provide high uptime and reliability for SoylentNews. Needless to say, it was time to upgrade both NDB backends, and the four MySQLd frontends. While the upgrade did not go completely smoothly due to the fact that MySQL strict mode got enabled, and broke the site briefly, our total downtime was less than five minutes or so. Right now, we had to do a full flush and purge of all caches, which means the site is running a bit larky until they can repopulate but I'm pleased to announce we're up to date and secure!
ndb_mgm> show Cluster Configuration --------------------- [ndbd(NDB)] 2 node(s) id=2 @redacted (mysql-5.7.17 ndb-7.5.5, Nodegroup: 0) id=3 @redacted (mysql-5.7.17 ndb-7.5.5, Nodegroup: 0, *) [ndb_mgmd(MGM)] 2 node(s) id=101 @redacted (mysql-5.7.17 ndb-7.5.5) id=102 @redacted (mysql-5.7.17 ndb-7.5.5) [mysqld(API)] 4 node(s) id=11 @redacted (mysql-5.7.17 ndb-7.5.5) id=12 @redacted (mysql-5.7.17 ndb-7.5.5) id=13 @redacted (mysql-5.7.17 ndb-7.5.5) id=14 @redacted (mysql-5.7.17 ndb-7.5.5)
If you notice any unusual breakages or slowdowns, please let me know in the comments. Otherwise, keep calm and carry on!
~ NCommander
(Score: 2) by kazzie on Friday January 20 2017, @06:35PM
270 critical updates? That makes Microsoft's Patch Tuesday seem tame in comparison. Were they stockpiling these for a special occasion?
(Score: 3, Insightful) by urza9814 on Friday January 20 2017, @06:52PM
No, they just had to leave those in until they finished building a more permanent backdoor for the NSA.
(Score: 0) by Anonymous Coward on Friday January 20 2017, @09:17PM
I don't think they need to program in back door access for the NSA. 270 updates / 3 months in a quarter = 90 updates a month. This means that with 45 separate pieces of software, there is one new critical update per product every two weeks, on average. People coding in back doors on purpose wouldn't be leaving that many weak ones for your competitors to take advantage of as well. This all just screams terrible code bases and no comprehensive testing.
(Score: 0) by Anonymous Coward on Saturday January 21 2017, @01:23AM
A story still on the front page says
One might easily draw the conclusion that Oracle simply produces software of a low quality and doesn't do proper testing.
.
One more round of cheers for our all-volunteer staff.
-- OriginalOwner_ [soylentnews.org]