Skip to content

HENGSHI SENSE Security Vulnerability Handling FAQ

CVE Numbers: CVE-2023-28432 CVE-2024-24747

Generally, if built-in components have vulnerabilities, the HENGSHI SENSE product will automatically upgrade them to a stable major version during product updates. If you wish to upgrade manually ahead of the HENGSHI SENSE product update, you can refer to this document for guidance.

The entire process involves manually replacing the old version of MinIO and copying the data from the old version to the new MinIO instance.

1. Add minio alias

Download the mc command to the system in advance mc

bash
chmod +x mc
sudo cp mc /usr/local/bin/
# Execute mc --version to see multiple options of mc, which indicates normal operation
bash
mc alias set old-minio http://IP:9000 hengshi hengshi202020

The following output indicates success:

bash
Added `old-minio` successfully.

2. Copy Old Data to Local

bash
mkdir backup-old-minio-data
mc cp --recursive old-minio/hengshi/ backup-old-minio-data/

3. Replace Minio Version

Rename the new minio.RELEASE.xxx program to minio and copy it to the ${HENGSHI_HOME}/lib/minio/ directory.

Note

<HENGSHI_HOME> is your installation directory variable, not a specific path. For example, if installed under /opt/hengshi, the full path would be /opt/hengshi/lib/minio/.

Stop the Minio service:

bash
/opt/hengshi/bin/hengshi-sense-bin stop minio

Rename the minio-data directory:

bash
cd /opt/hengshi
mv minio-data minio-data.bak

Replace Minio:

bash
cd /opt/hengshi/lib/minio/
mv minio minio.bak
mv minio.RELEASE.2024-02-04T22-36-13Z minio
chmod +x minio

Start the Minio service:

bash
/opt/hengshi/bin/hengshi-sense-bin start minio
# At this point, a new minio-data directory is generated, and its data is empty.

4. Copy Data to the New Minio

bash
mc mb old-minio/hengshi # Create a new bucket
mc cp --recursive backup-old-minio-data/ old-minio/hengshi/

User Manual for Hengshi Analysis Platform