Dear Team,
We need an advise on the below topics.
1)Is there any security/bug fix patches is available from mongodb side?
2) If yes, How can we apply in centos servers. Kindly suggest.
Thanks
Bala
The current version of MongoDB is 4.4.6. If this is what you are running with, you are good to go from MongoDB’s point of view.
Everything else is OS specific and depends on your packages installed, etc.
I would recommend to have a look to MongoDB production notes though and also the security checklist:
Cheers,
Maxime.
I would definitely follow @MaBeuLux88’s suggestions to tune and secure your production deployment. I’ve added some further detail below in regards to updates.
Bug fixes & security updates are included in minor/patch releases (X.Y.Z) which are associated with a specific major release version (X.Y). Minor releases do not introduce any backward-breaking compatibility or behaviour changes, so upgrading or downgrading between patch releases for the same major version of MongoDB only differs by the server binaries that are deployed.
The MongoDB Release Notes include a list of changes in each release. You can also find critical alerts and advisories via the MongoDB Alerts page and subscribe to Enterprise Release Announcements for news of production releases (Enterprise & Community server versions are released concurrently).
Assuming you have installed via RPM packages and the normal Installation on Redhat/CentOS, you would orchestrate doing yum update on the members of your cluster and restart the MongoDB processes after upgrading the binaries.
To avoid accidentally pulling a major version upgrade, I would include the major version numbers when installing and pin the packages by excluding in /etc/yum.conf or using yum versionlock.
Borrowing an example from the documentation to install the latest version of MongoDB 4.4 server and tools:
sudo yum install -y mongodb-org-4.4 mongodb-org-server-4.4 mongodb-org-shell-4.4 mongodb-org-mongos-4.4 mongodb-org-tools-4.4
Regards,
Stennie
1 Like