KUSANAGI Update 8.4.1-1

KUSANAGI Update 8.4.1

Enhanced security function for KUSANAGI.

As of 8.4.1, the following features are available:

  • OpenSSL1.1.1
  • SELinux
nginx 1.15.5 (OpenSSL 1.1.1)
httpd 2.4.35 (OpenSSL 1.1.1)
PHP7 7.2.11 (OpenSSL 1.1.1)
OpenSSL 1.1.1

To enable to SELinux

# kusanagi selinux on

If the message shows below, need to reboot the server.

# kusanagi selinux on
NOTICE: SELinux is currently 'disabled'. Please reboot this machine. And then, run 'kusanagi selinux on' command again.
Failed.

To disable to SELinux

# kusanagi selinux off

SELinux default setting is disable unless executing kusanagi selinux command.

Please check this kusanagi document for details about kusanagi command.

To enable the aforementioned features, execute the following command:

# yum update

KUSANAGI Update 8.4.0-3

KUSANAGI Update 8.4.0-3

KUSANAGI 8.4.0-3 update with bug fix has been released.

For those using version 8.4.0-2 and earlier, running the command below with root privileges will update KUSANAGI to 8.4.0-3.

# yum update

If you have just performed the most recent update and the leftover cache causes a “no pakages marked for update” error, use the following command and then perform a yum update.

# yum clean all

Bugfixes in KUSANAGI 8.4.0-3

8.4.0-3 fixes the following issues:

An error message appears kusanagi init is executed with HHVM selected.

In version 8.4.0-2, In version 8.4.0-2, Composer install automatically when executing kusanagi init command but Composer had installation error when selected HHVM.

This issue was fixed in KUSANAGI 8.4.0-2.

KUSANAGI Update 8.4.0

KUSANAGI Update 8.4.0

New KUSANAGI deployment features have been added.

As of 8.4.0, the following features are available:

  • WAF
  • No longer support TLS1.1 and older version
  • Vuls(Vulnerbility scanner)
  • Open Source Tripwire (IDS)
  • Open Source Tripwire (IDS)
nginx 1.15.2 (OpenSSL 1.0.2p)
PHP7 7.2.9 (OpenSSL 1.0.2p)
httpd 5.1.12 (OpenSSL 1.0.2p)
OpenSSL 1.0.2p

TSL1.1 will be disabled when KUSANAGI update.

use the following command to enable WAF

# kusanagi waf on

Note: WAF is available on new provisioned website.

use the following command to enable Vuls

# kusanagi addon install vuls

use the following command to enable Open Source Tripwire

# kusanagi addon install tripwire

use the following command to enable Suricata

# kusanagi addon install suricata

Please check this kusanagi document for details about kusanagi command.

To enable the aforementioned features, execute the following command:

# yum update