PostgreSQL release

French version below

We have updated PostgrSQL following the security flaw detected in versions 9 and 8. To be more exact, there were 3 flaws, with one more important: CVE-2013-1899. This one could lead to corrupt postgres datas. Two smaller ones came after it: CVE-2013-1900 and CVE-2013-1901.

These flaws affected the 4 last versions: 9.2, 9.1, 9.0 and 8.4 (8.3 is no longer supported by Clever Cloud).

Owing the critical nature of the issue, an announce was done last week indicating that public repositories will be closed until the relase of april, 4th.

All our clusters has been updated since, leading to a shut down of a few seconds.

Moreover, we also took advantages of this opportunity to manage the distribution of 3 of 4 new versions of Exherbo.

The Clever Cloud's support remains at your disposal for any questions: mailto:support@clever-cloud.com.


Version française

Nous avons effectué la mise à jour de PostgreSQL suite à la faille de sécurité détectée dans les versions 9 et 8.

Plus exactement, il y a eu 3 failles dont une très importante : la CVE-2013-1899. Celle-ci pouvait amener à la corruption des données postgres. Deux autres plus petites lui ont succédé: CVE-2013-1900 et CVE-2013-1901

Ces failles touchaient les 4 dernières branches: 9.2, 9.1, 9.0 et 8.4 (8.3 n'étant pas supportée par Clever Cloud).

Compte tenu de la nature critique de l'incident, une annonce a été faite la semaine dernière indiquant que les dépôts publics seraient fermés en attendant la release du 4 avril.

Tous nos clusters ont depuis été mis à jour, entrainant une coupure de quelques secondes.

De plus, nous en avons profité pour gérer la distribution de 3 des 4 nouvelles versions Exherbo.

Le support Clever Cloud reste à votre disposition si vous avez des questions : mailto:support@clever-cloud.com.

Blog

À lire également

SuperBOL: The COBOL revolution in the Cloud

COBOL, a programming language that is over 60 years old, continues to power a large proportion of the IT systems of the world's major companies, particularly in the financial and insurance sectors.
Features

Clever Cloud welcomes the first startups to the UP Programme

Clever Cloud is proud to announce the arrival of the first five startups selected to join its UP Programme, an initiative dedicated to supporting young technology companies in their growth phase.
Company

A minor update resulted in a cascade of errors: how it went wrong, what we’ve learnt

On Friday, August 2nd, 2024 Clever Cloud’s platform became very unstable, leading to downtime of varying duration and scope, for customers using services on the EU-FR-1 (PAR) region, and remote zones depending on the EU-FR-1 control plane (OVHcloud, Scaleway, and Oracle). Privates and on-premise zones weren’t impacted.
Company Engineering