release: / 29

Github source: c69bdeac or master branch

Security Update

While performing an upgrade, the team discovered a security issue, CVE-2016-6653. This affects cf-mysql releases v27 and v28.

In the case where either has been deployed, and the following three conditions are true: - Configured to send logs to a syslog service - Syslog transport is not encrypted - Audit logging is enabled

… then, cf-mysql will mistakenly send those audit logs to to the syslog service without encryption.

Especially in the case where the query directive has been specified in the cf_mysql.mysql.server_audit_events property, this can transmit all application data in a way that is not protected from network observers.

Furthermore, in this configuration, BOSH will not be able to automatically upgrade, see below.

Bug Fixes

  • Do not send the mysql audit logs to syslog [#131120795]
  • Detaching the persistent disk failed when both syslog and audit logs were enabled [#131023259]

Upgrading from cf-mysql v27 or v28

  • If upgrading from v27 or v28, if both cf_mysql.mysql.server_audit_events property and syslog_aggregator had been configured, you may encounter problems when bosh tries to detach the persistent disk from the MySQL VMs. This will look like the following:

Started updating job mysql_z1 > mysql_z1/0 (55170f29-1796-48ef-ac48-abb325eec1a8) (canary). Failed: Action Failed get_task: Task 462ff34b-78ed-4d16-5ce9-fd707a45e9f1 result: Migrating persistent disk: Remounting persistent disk as readonly: Unmounting /var/vcap/store: Running command: ‘umount /var/vcap/store’, stdout: “, stderr: ‘umount: /var/vcap/store: device is busy.

(In some cases useful info about processes that use the device is found by lsof(8) or fuser(1))

The problem can be resolved by: 1. Ssh onto the MySQL VMs, using your preferred method 1. Comment out lines 44-48 of /etc/rsyslog.d/00-syslog_forwarder.conf 1. kill the rsyslogd process 1. Run bosh deploy again; it should succeed this time


In typical agile fashion, we had completed a few feature stories, so they’re included as well. - galera_healthcheck should log when it encounters a bad state or error discovering state [#128880727] - The galera_healthcheck job now logs more verbosely when it encounters problems. - switchboard proxy should provide an HTTP healthcheck [#130696613] - This allows the cluster to work with Load Balancers that use only HTTP health checks. - The health check port should continue to work with load balancers that use TCP health checks.

Upload this release version to the Director:

$ bosh upload release

Modify deployment manifest to use this release in addition to any other used releases:

- {name: cf-mysql, version: "29"}

Finally add needed deployment jobs and specify values for required properties.

Optionally download sha1: c335d01d83b83a17dfd8713f1b1e83e28d4bd02a release tarball locally:

# ...or download it directly using curl
$ curl -L -J -O

# or with wget...
$ wget --content-disposition